Struct ring::signature::Ed25519KeyPair

pub struct Ed25519KeyPair { /* fields omitted */ }

An Ed25519 key pair, for signing.

Methods

impl Ed25519KeyPair

pub fn generate_pkcs8(rng: &dyn SecureRandom) -> Result<Document, Unspecified>

Generates a new key pair and returns the key pair serialized as a PKCS#8 document.

The PKCS#8 document will be a v2 OneAsymmetricKey with the public key, as described in RFC 5958 Section 2. See also https://tools.ietf.org/html/draft-ietf-curdle-pkix-04.

pub fn from_pkcs8(pkcs8: &[u8]) -> Result<Self, KeyRejected>

Constructs an Ed25519 key pair by parsing an unencrypted PKCS#8 v2 Ed25519 private key.

openssl genpkey -algorithm ED25519 generates PKCS# v1 keys, which require the use of Ed25519KeyPair::from_pkcs8_maybe_unchecked() instead of Ed25519KeyPair::from_pkcs8().

The input must be in PKCS#8 v2 format, and in particular it must contain the public key in addition to the private key. from_pkcs8() will verify that the public key and the private key are consistent with each other.

If you need to parse PKCS#8 v1 files (without the public key) then use Ed25519KeyPair::from_pkcs8_maybe_unchecked() instead.

pub fn from_pkcs8_maybe_unchecked(pkcs8: &[u8]) -> Result<Self, KeyRejected>

Constructs an Ed25519 key pair by parsing an unencrypted PKCS#8 v1 or v2 Ed25519 private key.

openssl genpkey -algorithm ED25519 generates PKCS# v1 keys.

It is recommended to use Ed25519KeyPair::from_pkcs8(), which accepts only PKCS#8 v2 files that contain the public key. from_pkcs8_maybe_unchecked() parses PKCS#2 files exactly like from_pkcs8(). It also accepts v1 files. PKCS#8 v1 files do not contain the public key, so when a v1 file is parsed the public key will be computed from the private key, and there will be no consistency check between the public key and the private key.

PKCS#8 v2 files are parsed exactly like Ed25519KeyPair::from_pkcs8().

pub fn from_seed_and_public_key(
    seed: &[u8],
    public_key: &[u8]
) -> Result<Self, KeyRejected>

Constructs an Ed25519 key pair from the private key seed seed and its public key public_key.

It is recommended to use Ed25519KeyPair::from_pkcs8() instead.

The private and public keys will be verified to be consistent with each other. This helps avoid misuse of the key (e.g. accidentally swapping the private key and public key, or using the wrong private key for the public key). This also detects any corruption of the public or private key.

pub fn from_seed_unchecked(seed: &[u8]) -> Result<Self, KeyRejected>

Constructs a Ed25519 key pair from the private key seed seed.

It is recommended to use Ed25519KeyPair::from_pkcs8() instead. When that is not practical, it is recommended to use Ed25519KeyPair::from_seed_and_public_key() instead.

Since the public key is not given, the public key will be computed from the private key. It is not possible to detect misuse or corruption of the private key since the public key isn't given as input.

pub fn sign(&self, msg: &[u8]) -> Signature

Returns the signature of the message msg.

Trait Implementations

impl KeyPair for Ed25519KeyPair

type PublicKey = PublicKey

The type of the public key.

fn public_key(&self) -> &Self::PublicKey

The public key for the key pair.

impl Debug for Ed25519KeyPair

fn fmt(&self, f: &mut Formatter) -> Result<(), Error>

Formats the value using the given formatter.