Enum x509_certificate::signing::InMemorySigningKeyPair

pub enum InMemorySigningKeyPair {
    Ecdsa(EcdsaKeyPair, EcdsaCurve, Vec<u8>),
    Ed25519(Ed25519KeyPair),
    Rsa(RsaKeyPair, Vec<u8>),
}

Represents a key pair that exists in memory and can be used to create cryptographic signatures.

This is a wrapper around ring’s various key pair types. It provides abstractions tailored for X.509 certificates.

Variants

Ecdsa(EcdsaKeyPair, EcdsaCurve, Vec<u8>)

ECDSA key pair.

Ed25519(Ed25519KeyPair)

ED25519 key pair.

Rsa(RsaKeyPair, Vec<u8>)

RSA key pair.

Implementations

impl InMemorySigningKeyPair

pub fn from_pkcs8_der(data: impl AsRef<[u8]>) -> Result<Self, Error>

Attempt to instantiate an instance from PKCS#8 DER data.

The DER data should be a OneAsymmetricKey ASN.1 structure.

pub fn from_pkcs8_pem(data: impl AsRef<[u8]>) -> Result<Self, Error>

Attempt to instantiate an instance from PEM encoded PKCS#8.

This is just a wrapper for Self::from_pkcs8_der that does the PEM decoding for you.

pub fn generate_random(
    key_algorithm: KeyAlgorithm
) -> Result<(Self, Document), Error>

Generate a random key pair given a key algorithm and optional ECDSA signing algorithm.

The raw PKCS#8 document is returned to facilitate access to the private key.

Not attempt is made to protect the private key in memory.

pub fn verification_algorithm(
    &self
) -> Result<&'static dyn VerificationAlgorithm, Error>

Attempt to resolve a verification algorithm for this key pair.

This is a wrapper around SignatureAlgorithm::resolve_verification_algorithm() with our bound KeyAlgorithm. However, since there are no parameters that can result in wrong choices, this is guaranteed to always work and doesn’t require Result.

Trait Implementations

impl Debug for InMemorySigningKeyPair

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<&'_ InMemorySigningKeyPair> for KeyAlgorithm

fn from(key: &InMemorySigningKeyPair) -> Self

Converts to this type from the input type.

impl From<Ed25519KeyPair> for InMemorySigningKeyPair

fn from(key: Ed25519KeyPair) -> Self

Converts to this type from the input type.

impl Sign for InMemorySigningKeyPair

fn sign(&self, message: &[u8]) -> Result<(Vec<u8>, SignatureAlgorithm), Error>

👎 Deprecated since 0.13.0:

use the signature::Signer trait instead

This will use a new instance of ring’s SystemRandom. The RSA padding algorithm is hard-coded to RSA_PCS1_SHA256.

If you want total control over signing parameters, obtain the underlying ring keypair and call its .sign().

fn key_algorithm(&self) -> Option<KeyAlgorithm>

Obtain the algorithm of the private key.

fn public_key_data(&self) -> Bytes

Obtain the raw bytes constituting the public key of the signing certificate.

fn signature_algorithm(&self) -> Result<SignatureAlgorithm, Error>

Obtain the SignatureAlgorithm that this signer will use.

fn private_key_data(&self) -> Option<Vec<u8>>

Obtain the raw private key data.

fn rsa_primes(&self) -> Result<Option<(Vec<u8>, Vec<u8>)>, Error>

Obtain RSA key primes p and q, if available.

impl Signer<Signature> for InMemorySigningKeyPair

fn try_sign(&self, msg: &[u8]) -> Result<Signature, Error>

Attempt to sign the given message, returning a digital signature on success, or an error if something went wrong.

fn sign(&self, msg: &[u8]) -> S

Sign the given message and return a digital signature

impl KeyInfoSigner for InMemorySigningKeyPair