Struct certify::KeyPair [−][src]
pub struct KeyPair { /* fields omitted */ }
Expand description
A key pair used to sign certificates and CSRs
Note that ring, the underlying library to handle RSA keys
requires them to be in a special format, meaning that
openssl genrsa
doesn’t work. See ring’s documentation
for how to generate RSA keys in the wanted format
and conversion between the formats.
Implementations
Parses the key pair from the DER format
Equivalent to using the TryFrom
implementation.
Parses the key pair from the ASCII PEM format
This constructor is only available if rcgen is built with the “pem” feature
pub fn from_remote(
key_pair: Box<dyn RemoteKeyPair + Send + Sync + 'static, Global>
) -> Result<KeyPair, RcgenError>
pub fn from_remote(
key_pair: Box<dyn RemoteKeyPair + Send + Sync + 'static, Global>
) -> Result<KeyPair, RcgenError>
Obtains the key pair from a raw public key and a remote private key
pub fn from_pem_and_sign_algo(
pem_str: &str,
alg: &'static SignatureAlgorithm
) -> Result<KeyPair, RcgenError>
pub fn from_pem_and_sign_algo(
pem_str: &str,
alg: &'static SignatureAlgorithm
) -> Result<KeyPair, RcgenError>
Obtains the key pair from a DER formatted key
using the specified SignatureAlgorithm
Same as from_pem_and_sign_algo.
This constructor is only available if rcgen is built with the “pem” feature
pub fn from_der_and_sign_algo(
pkcs8: &[u8],
alg: &'static SignatureAlgorithm
) -> Result<KeyPair, RcgenError>
pub fn from_der_and_sign_algo(
pkcs8: &[u8],
alg: &'static SignatureAlgorithm
) -> Result<KeyPair, RcgenError>
Obtains the key pair from a DER formatted key
using the specified SignatureAlgorithm
Usually, calling this function is not neccessary and you can just call
from_der
instead. That function will try to figure
out a fitting SignatureAlgorithm
for the given
key pair. However sometimes multiple signature algorithms fit for the
same der key. In that instance, you can use this function to precisely
specify the SignatureAlgorithm
.
Generate a new random key pair for the specified signature algorithm
Get the raw public key of this key pair
The key is in raw format, as how ring::signature::KeyPair::public_key
would output, and how ring::signature::UnparsedPublicKey::verify
would accept.
Check if this key pair can be used with the given signature algorithm
Returns (possibly multiple) compatible SignatureAlgorithm
’s
that the key can be used with
Return the key pair’s public key in DER format
The key is formatted according to the SubjectPublicKeyInfo struct of X.509. See RFC 5280 section 4.1.
Return the key pair’s public key in PEM format
The returned string can be interpreted with openssl pkey --inform PEM -pubout -pubin -text
This function is only available if rcgen is built with the “pem” feature
Serializes the key pair (including the private key) in PKCS#8 format in DER
Panics if called on a remote key pair.
Serializes the key pair (including the private key) in PKCS#8 format in PEM
This function is only available if rcgen is built with the “pem” feature