1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
//!
//! A convenient high-level library to work with PKCS#12/PFX keystores, written in pure Rust,
//! modeled after Java KeyStore API.
//!
//! This crate consists of a [KeyStore] struct which provides a set of functions to read and write PKCS#12 files
//! and their contents. It supports single- or multi-keychain keystores and also so called 'truststores'
//! (keystores with only root certificates and without private keys).
//!
//! Each entry in the keystore is accessed by 'alias', which is a friendly name chosen when creating it.
//!
//! All certificates must be encoded in X.509 format. Private keys must be encoded in PKCS#8.
//!
//! Each private key contains a key material, a local key ID (unique byte or string sequence) and a list of
//! certificates organized into chain. The first in the chain must be the entity certificate associated with
//! the private key. The last must be the CA root certificate, with any intermediates in between.
//!
//! Supported encryption schemes:
//!
//! * [EncryptionAlgorithm::PbeWithShaAnd3KeyTripleDesCbc] - legacy encryption to support the existing stores
//! * [EncryptionAlgorithm::PbeWithShaAnd40BitRc4Cbc] - legacy encryption to support the existing stores
//! * [EncryptionAlgorithm::PbeWithHmacSha256AndAes256] - the default encryption which should be used for new keystores
//!
//! Supported MAC algorithms: [MacAlgorithm::HmacSha1], [MacAlgorithm::HmacSha256]
//!
pub use rand;
/// Result type for keystore operations
pub type Result<T> = Result;
pub use Certificate;
pub use ;
pub use ;