Struct pkcs8::PrivateKeyInfo

source · [−]

pub struct PrivateKeyInfo<'a> {
    pub algorithm: AlgorithmIdentifier<'a>,
    pub private_key: &'a [u8],
    pub public_key: Option<&'a [u8]>,
}

Expand description

PKCS#8 PrivateKeyInfo.

ASN.1 structure containing an AlgorithmIdentifier, private key data in an algorithm specific format, and optional attributes (ignored by this implementation).

Supports PKCS#8 v1 as described in RFC 5208 and PKCS#8 v2 as described in RFC 5958. PKCS#8 v2 keys include an additional public key field.

PKCS#8 v1 `PrivateKeyInfo`

Described in RFC 5208 Section 5:

PrivateKeyInfo ::= SEQUENCE {
        version                   Version,
        privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
        privateKey                PrivateKey,
        attributes           [0]  IMPLICIT Attributes OPTIONAL }

Version ::= INTEGER

PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier

PrivateKey ::= OCTET STRING

Attributes ::= SET OF Attribute

PKCS#8 v2 `OneAsymmetricKey`

PKCS#8 OneAsymmetricKey as described in RFC 5958 Section 2:

PrivateKeyInfo ::= OneAsymmetricKey

OneAsymmetricKey ::= SEQUENCE {
    version                   Version,
    privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
    privateKey                PrivateKey,
    attributes            [0] Attributes OPTIONAL,
    ...,
    [[2: publicKey        [1] PublicKey OPTIONAL ]],
    ...
  }

Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2)

PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier

PrivateKey ::= OCTET STRING

Attributes ::= SET OF Attribute

PublicKey ::= BIT STRING

Fields

algorithm: AlgorithmIdentifier<'a>

X.509 AlgorithmIdentifier for the private key type.

private_key: &'a [u8]

Private key data.

public_key: Option<&'a [u8]>

Public key data, optionally available if version is V2.

Implementations

impl<'a> PrivateKeyInfo<'a>

pub fn new(algorithm: AlgorithmIdentifier<'a>, private_key: &'a [u8 ]) -> Self

Create a new PKCS#8 PrivateKeyInfo message.

This is a helper method which initializes attributes and public_key to None, helpful if you aren’t using those.

pub fn version(&self) -> Version

Get the PKCS#8 Version for this structure.

Version::V1 if public_key is None, Version::V2 if Some.

pub fn encrypt(
    &self,
    rng: impl CryptoRng + RngCore,
    password: impl AsRef<[u8 ]>
) -> Result<SecretDocument>

Available on crate feature encryption only.

Encrypt this private key using a symmetric encryption key derived from the provided password.

Uses the following algorithms for encryption:

PBKDF: scrypt with default parameters:
- log₂(N): 15
- r: 8
- p: 1
Cipher: AES-256-CBC (best available option for PKCS#5 encryption)

pub fn encrypt_with_params(
    &self,
    pbes2_params: Parameters<'_>,
    password: impl AsRef<[u8 ]>
) -> Result<SecretDocument>

Available on crate feature encryption only.

Encrypt this private key using a symmetric encryption key derived from the provided password and pbes2::Parameters.

Trait Implementations

impl<'a> Clone for PrivateKeyInfo<'a>

fn clone(&self) -> PrivateKeyInfo<'a>

Returns a copy of the value. Read more

1.0.0 · source

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl<'a> ConstantTimeEq for PrivateKeyInfo<'a>

Available on crate feature subtle only.

fn ct_eq(&self, other: &Self) -> Choice

Determine if two items are equal. Read more

impl<'a> Debug for PrivateKeyInfo<'a>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl<'a> DecodeValue<'a> for PrivateKeyInfo<'a>

fn decode_value<R: Reader<'a>>(
reader: &mut R,
header: Header
) -> Result<PrivateKeyInfo<'a>>

Attempt to decode this message using the provided Reader.

impl<'a> PartialEq<PrivateKeyInfo<'a>> for PrivateKeyInfo<'a>

Available on crate feature subtle only.

fn eq(&self, other: &Self) -> bool

This method tests for self and other values to be equal, and is used by ==. Read more

1.0.0 · source

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl PemLabel for PrivateKeyInfo<'_>

Available on crate feature pem only.

const PEM_LABEL: &'static str = "PRIVATE KEY"

Expected PEM type label for a given document, e.g. "PRIVATE KEY"

fn validate_pem_label(actual: &str) -> Result<(), Error>

Validate that a given label matches the expected label.

impl<'a> Sequence<'a> for PrivateKeyInfo<'a>

fn fields<F, T>(&self, f: F) -> Result<T> where
F: FnOnce(&[&dyn Encode ]) -> Result<T>,

Call the provided function with a slice of Encode trait objects representing the fields of this SEQUENCE. Read more

impl TryFrom<&'_ PrivateKeyInfo<'_>> for SecretDocument

Available on crate feature alloc only.

type Error = Error

The type returned in the event of a conversion error.

fn try_from(private_key: &PrivateKeyInfo<'_>) -> Result<SecretDocument>

Performs the conversion.

impl<'a> TryFrom<&'a [u8 ]> for PrivateKeyInfo<'a>

type Error = Error

The type returned in the event of a conversion error.

fn try_from(bytes: &'a [u8 ]) -> Result<Self>

Performs the conversion.

impl TryFrom<PrivateKeyInfo<'_>> for SecretDocument

Available on crate feature alloc only.

type Error = Error

The type returned in the event of a conversion error.

fn try_from(private_key: PrivateKeyInfo<'_>) -> Result<SecretDocument>

Performs the conversion.

impl<'a> Eq for PrivateKeyInfo<'a>

Available on crate feature subtle only.

Auto Trait Implementations

impl<'a> RefUnwindSafe for PrivateKeyInfo<'a>

impl<'a> Send for PrivateKeyInfo<'a>

impl<'a> Sync for PrivateKeyInfo<'a>

impl<'a> Unpin for PrivateKeyInfo<'a>

impl<'a> UnwindSafe for PrivateKeyInfo<'a>

Blanket Implementations

impl<T> Any for T where
T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T where
T: ?Sized,

const: unstable · source

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T where
T: ?Sized,

const: unstable · source

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<'a, T> Choice<'a> for T where
T: Decode<'a> + FixedTag,

fn can_decode(tag: Tag) -> bool

Is the provided Tag decodable as a variant of this CHOICE?

impl<'a, T> Decode<'a> for T where
T: DecodeValue<'a> + FixedTag,

fn decode<R>(reader: &mut R) -> Result<T, Error> where
R: Reader<'a>,

Attempt to decode this message using the provided decoder.

fn from_der(bytes: &'a [u8 ]) -> Result<Self, Error>

Parse Self from the provided DER-encoded byte slice.

impl<T> DecodePem for T where
T: DecodeOwned + PemLabel,

fn from_pem(pem: impl AsRef<[u8 ]>) -> Result<T, Error>

Try to decode this type from PEM.

impl<T> Encode for T where
T: EncodeValue + Tagged,

fn encoded_len(&self) -> Result<Length, Error>

Compute the length of this value in bytes when encoded as ASN.1 DER.

fn encode(&self, writer: &mut dyn Writer) -> Result<(), Error>

Encode this value as ASN.1 DER using the provided Writer.

fn encode_to_slice(&self, buf: &'a mut [u8 ]) -> Result<&'a [u8 ], Error>

Encode this value to the provided byte slice, returning a sub-slice containing the encoded message. Read more

fn encode_to_vec(&self, buf: &mut Vec<u8, Global>) -> Result<Length, Error>

Encode this message as ASN.1 DER, appending it to the provided byte vector. Read more

fn to_vec(&self) -> Result<Vec<u8, Global>, Error>

Serialize this message as a byte vector.

impl<T> EncodePem for T where
T: Encode + PemLabel,

fn to_pem(&self, line_ending: LineEnding) -> Result<String, Error>

Try to encode this type as PEM.

impl<'a, M> EncodeValue for M where
M: Sequence<'a>,

fn value_len(&self) -> Result<Length, Error>

Compute the length of this value (sans [Tag]+Length header) when encoded as ASN.1 DER. Read more

fn encode_value(&self, writer: &mut dyn Writer) -> Result<(), Error>

Encode value (sans [Tag]+Length header) as ASN.1 DER using the provided Writer. Read more

Get the Header used to encode this value.

impl<'a, M> FixedTag for M where
M: Sequence<'a>,

const TAG: Tag = Tag::Sequence

ASN.1 tag

impl<T> From<T> for T

const: unstable · source

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T where
U: From<T>,

const: unstable · source

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same<T> for T

type Output = T

Should always be Self

impl<T> Tagged for T where
T: FixedTag,

fn tag(&self) -> Tag

Get the ASN.1 tag that this type is encoded with.

impl<T> ToOwned for T where
T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

🔬 This is a nightly-only experimental API. (toowned_clone_into)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T where
U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

const: unstable · source

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T where
U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

const: unstable · source

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> DecodeOwned for T where
T: for<'a> Decode<'a>,