bc_envelope

Struct PrivateKeyBase

Source 
pub struct PrivateKeyBase(/* private fields */);
Expand description

A secure foundation for deriving multiple cryptographic keys.

PrivateKeyBase serves as a root of cryptographic material from which various types of keys can be deterministically derived. It securely manages the underlying key material and provides methods to derive specific cryptographic keys for different purposes.

It supports:

  • Deterministic derivation of signing keys (Schnorr, ECDSA, Ed25519)
  • Deterministic derivation of encryption keys (X25519)
  • SSH key generation for various algorithms (Ed25519, ECDSA, DSA, RSA)
  • Key pair generation for both signing and encryption

This design allows a single master seed to generate multiple secure keys for different cryptographic operations, similar to the concept of an HD wallet in cryptocurrency systems.

§Security

PrivateKeyBase implements ZeroizeOnDrop to securely erase the sensitive key material from memory when the object is dropped, reducing the risk of key extraction via memory attacks.

§Examples

Creating and using a PrivateKeyBase:

use bc_components::PrivateKeyBase;
use bc_components::Signer;
use bc_components::{PrivateKeysProvider, PublicKeysProvider};

// Create a new random PrivateKeyBase
let key_base = PrivateKeyBase::new();

// Sign a message using the derived Schnorr key
let message = b"Hello, world!";
let signature = key_base.sign(message).unwrap();

// Generate a key pair for public/private key operations
let (private_keys, public_keys) = (key_base.private_keys(), key_base.public_keys());

Implementations§

Source§

impl PrivateKeyBase

Source

pub fn new() -> PrivateKeyBase

Generate a new random PrivateKeyBase.

Source

pub fn from_data(data: impl Into<Vec<u8>>) -> PrivateKeyBase

Restores a PrivateKeyBase from bytes.

Source

pub fn from_optional_data(data: Option<impl Into<Vec<u8>>>) -> PrivateKeyBase

Restores a PrivateKeyBase from an optional reference to an array of bytes.

If the data is None, a new random PrivateKeyBase is generated.

Source

pub fn new_using(rng: &mut impl RandomNumberGenerator) -> PrivateKeyBase

Generate a new random PrivateKeyBase using the given random number generator.

Source

pub fn new_with_provider( provider: impl PrivateKeyDataProvider, ) -> PrivateKeyBase

Create a new PrivateKeyBase from the given private keys data provider.

Source

pub fn ecdsa_signing_private_key(&self) -> SigningPrivateKey

Derive a new ECDSA SigningPrivateKey from this PrivateKeyBase.

Source

pub fn schnorr_signing_private_key(&self) -> SigningPrivateKey

Derive a new Schnorr SigningPrivateKey from this PrivateKeyBase.

Source

pub fn ed25519_signing_private_key(&self) -> SigningPrivateKey

Derive a new Ed25519 SigningPrivateKey from this PrivateKeyBase.

Source

pub fn ssh_signing_private_key( &self, algorithm: Algorithm, comment: impl Into<String>, ) -> Result<SigningPrivateKey, Error>

Derive a new SSH SigningPrivateKey from this PrivateKeyBase.

Source

pub fn x25519_private_key(&self) -> X25519PrivateKey

Derive a new X25519PrivateKey from this PrivateKeyBase.

An X25519 key for public key encryption.

Source

pub fn schnorr_private_keys(&self) -> PrivateKeys

Derive a new PrivateKeys from this PrivateKeyBase.

  • Includes a Schnorr private key for signing.
  • Includes an X25519 private key for encryption.
Source

pub fn schnorr_public_keys(&self) -> PublicKeys

Derive a new PublicKeys from this PrivateKeyBase.

  • Includes a Schnorr public key for signing.
  • Includes an X25519 public key encryption.
Source

pub fn ecdsa_private_keys(&self) -> PrivateKeys

Derive a new PrivateKeys from this PrivateKeyBase.

  • Includes an ECDSA private key for signing.
  • Includes an X25519 private key for encryption.
Source

pub fn ecdsa_public_keys(&self) -> PublicKeys

Derive a new PublicKeys from this PrivateKeyBase.

  • Includes an ECDSA public key for signing.
  • Includes an X25519 public key for encryption.
Source

pub fn ssh_private_keys( &self, algorithm: Algorithm, comment: impl Into<String>, ) -> Result<PrivateKeys, Error>

Derive a new PrivateKeys from this PrivateKeyBase.

  • Includes an SSH private key for signing.
  • Includes an X25519 private key for encryption.
Source

pub fn ssh_public_keys( &self, algorithm: Algorithm, comment: impl Into<String>, ) -> Result<PublicKeys, Error>

Derive a new PublicKeys from this PrivateKeyBase.

  • Includes an SSH public key for signing.
  • Includes an X25519 public key for encryption.
Source

pub fn data(&self) -> &[u8]

Get the raw data of this PrivateKeyBase.

Trait Implementations§

Source§

impl AsRef<[u8]> for PrivateKeyBase

Source§

fn as_ref(&self) -> &[u8]

Converts this type into a shared reference of the (usually inferred) input type.
Source§

impl AsRef<PrivateKeyBase> for PrivateKeyBase

Source§

fn as_ref(&self) -> &PrivateKeyBase

Converts this type into a shared reference of the (usually inferred) input type.
Source§

impl CBORTagged for PrivateKeyBase

Source§

fn cbor_tags() -> Vec<Tag>

Returns the CBOR tags associated with this type. Read more
Source§

impl CBORTaggedDecodable for PrivateKeyBase

Source§

fn from_untagged_cbor(untagged_cbor: CBOR) -> Result<PrivateKeyBase, Error>

Creates an instance of this type by decoding it from untagged CBOR. Read more
Source§

fn from_tagged_cbor(cbor: CBOR) -> Result<Self, Error>
where Self: Sized,

Creates an instance of this type by decoding it from tagged CBOR. Read more
Source§

fn from_tagged_cbor_data(data: impl AsRef<[u8]>) -> Result<Self, Error>
where Self: Sized,

Creates an instance of this type by decoding it from binary encoded tagged CBOR. Read more
Source§

fn from_untagged_cbor_data(data: impl AsRef<[u8]>) -> Result<Self, Error>
where Self: Sized,

Creates an instance of this type by decoding it from binary encoded untagged CBOR. Read more
Source§

impl CBORTaggedEncodable for PrivateKeyBase

Source§

fn untagged_cbor(&self) -> CBOR

Returns the untagged CBOR encoding of this instance. Read more
Source§

fn tagged_cbor(&self) -> CBOR

Returns the tagged CBOR encoding of this instance. Read more
Source§

fn tagged_cbor_data(&self) -> Vec<u8>

Returns the tagged value in CBOR binary representation. Read more
Source§

impl Clone for PrivateKeyBase

Source§

fn clone(&self) -> PrivateKeyBase

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for PrivateKeyBase

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl Decrypter for PrivateKeyBase

Source§

fn encapsulation_private_key(&self) -> EncapsulationPrivateKey

Returns the encapsulation private key for this decrypter. Read more
Source§

fn decapsulate_shared_secret( &self, ciphertext: &EncapsulationCiphertext, ) -> Result<SymmetricKey, Error>

Decapsulates a shared secret from a ciphertext. Read more
Source§

impl Default for PrivateKeyBase

Source§

fn default() -> PrivateKeyBase

Returns the “default value” for a type. Read more
Source§

impl Drop for PrivateKeyBase

Source§

fn drop(&mut self)

Executes the destructor for this type. Read more
Source§

impl<'a> From<&'a PrivateKeyBase> for &'a [u8]

Source§

fn from(value: &'a PrivateKeyBase) -> &'a [u8]

Converts to this type from the input type.
Source§

impl From<PrivateKeyBase> for CBOR

Source§

fn from(value: PrivateKeyBase) -> CBOR

Converts to this type from the input type.
Source§

impl From<PrivateKeyBase> for Envelope

Source§

fn from(value: PrivateKeyBase) -> Self

Converts this value into an envelope.

Source§

impl PartialEq for PrivateKeyBase

Source§

fn eq(&self, other: &PrivateKeyBase) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl PrivateKeysProvider for PrivateKeyBase

Source§

fn private_keys(&self) -> PrivateKeys

Returns a complete set of private keys for cryptographic operations. Read more
Source§

impl PublicKeysProvider for PrivateKeyBase

Source§

fn public_keys(&self) -> PublicKeys

Returns a complete set of public keys for cryptographic operations. Read more
Source§

impl Signer for PrivateKeyBase

Source§

fn sign_with_options( &self, message: &dyn AsRef<[u8]>, options: Option<SigningOptions>, ) -> Result<Signature, Error>

Signs a message with additional options specific to the signature scheme. Read more
Source§

fn sign(&self, message: &dyn AsRef<[u8]>) -> Result<Signature, Error>

Signs a message using default options. Read more
Source§

impl TryFrom<CBOR> for PrivateKeyBase

Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

fn try_from( cbor: CBOR, ) -> Result<PrivateKeyBase, <PrivateKeyBase as TryFrom<CBOR>>::Error>

Performs the conversion.
Source§

impl TryFrom<Envelope> for PrivateKeyBase

Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

fn try_from(envelope: Envelope) -> Result<Self>

Performs the conversion.
Source§

impl Verifier for PrivateKeyBase

Source§

fn verify(&self, signature: &Signature, message: &dyn AsRef<[u8]>) -> bool

Verifies a signature against a message. Read more
Source§

impl Eq for PrivateKeyBase

Source§

impl StructuralPartialEq for PrivateKeyBase

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CBOREncodable for T
where T: Into<CBOR> + Clone,

Source§

fn to_cbor(&self) -> CBOR

Converts this value to a CBOR object. Read more
Source§

fn to_cbor_data(&self) -> Vec<u8>

Converts this value directly to binary CBOR data. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> EnvelopeEncodable for T
where T: Into<Envelope> + Clone,

Source§

fn into_envelope(self) -> Envelope

Converts the value into an envelope by using its Into<Envelope> implementation.

Source§

fn to_envelope(&self) -> Envelope
where Self: Clone,

Converts a reference to this value into a Gordian Envelope. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToHex for T
where T: AsRef<[u8]>,

Source§

fn encode_hex<U>(&self) -> U
where U: FromIterator<char>,

Encode the hex strict representing self into the result. Lower case letters are used (e.g. f9b4ca)
Source§

fn encode_hex_upper<U>(&self) -> U
where U: FromIterator<char>,

Encode the hex strict representing self into the result. Upper case letters are used (e.g. F9B4CA)
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> URDecodable for T
where T: CBORTaggedDecodable,

Source§

fn from_ur(ur: impl AsRef<UR>) -> Result<Self, Error>
where Self: Sized,

Source§

fn from_ur_string(ur_string: impl Into<String>) -> Result<Self, Error>
where Self: Sized,

Source§

impl<T> UREncodable for T
where T: CBORTaggedEncodable,

Source§

fn ur(&self) -> UR

Returns the UR representation of the object.
Source§

fn ur_string(&self) -> String

Returns the UR string representation of the object.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> CBORCodable for T
where T: CBORDecodable + CBOREncodable,

Source§

impl<T> CBORDecodable for T
where T: TryFrom<CBOR>,

Source§

impl<T> CBORTaggedCodable for T
where T: CBORTaggedEncodable + CBORTaggedDecodable,

Source§

impl<T> ErasedDestructor for T
where T: 'static,

Source§

impl<T> MaybeSendSync for T

Source§

impl<T> URCodable for T
where T: UREncodable + URDecodable,