Skip to main content

CryptoKeyPair

licenz_core::keys

Struct CryptoKeyPair

pub struct CryptoKeyPair {
    pub public_key_pem: String,
    pub algorithm_id: String,
    /* private fields */
}

Expand description

Algorithm-agnostic key pair that works with any supported signature algorithm

This struct provides a unified interface for key management across different cryptographic algorithms (RSA, Ed25519, etc.).

The private key is stored in a Zeroizing<String> wrapper that automatically clears memory when dropped, preventing key material from lingering in memory.

Fields§

§public_key_pem: String

The public key in PEM format

§algorithm_id: String

The algorithm identifier (e.g., “RSA-SHA256”, “Ed25519”)

Implementations§

impl CryptoKeyPair

pub fn private_key_pem(&self) -> &str

Get a reference to the private key PEM

pub fn generate(algorithm_id: &str) -> Result<Self>

Generate a new key pair using the specified algorithm

§Arguments

algorithm_id - The algorithm to use (e.g., “RSA-SHA256”, “Ed25519”)

§Example

use licenz_core::keys::CryptoKeyPair;
use licenz_core::crypto::algorithm_ids;

let keypair = CryptoKeyPair::generate(algorithm_ids::ED25519).unwrap();

pub fn from_pem( private_key_pem: String, public_key_pem: String, algorithm_id: &str, ) -> Self

Create from existing PEM keys

§Arguments

private_key_pem - The private key in PEM format
public_key_pem - The public key in PEM format
algorithm_id - The algorithm identifier

pub fn load_from_files( private_path: &Path, public_path: &Path, algorithm_id: &str, ) -> Result<Self>

Load a key pair from files

On Unix, this checks that the private key file is not readable by group/other.

§Arguments

private_path - Path to the private key PEM file
public_path - Path to the public key PEM file
algorithm_id - The algorithm identifier

pub fn save_to_files( &self, private_path: &Path, public_path: &Path, ) -> Result<()>

Save the key pair to files

pub fn sign(&self, data: &[u8]) -> Result<Vec<u8>>

Sign data using this key pair’s private key

pub fn verify(&self, data: &[u8], signature: &[u8]) -> Result<()>

Verify a signature using this key pair’s public key

pub fn get_algorithm(&self) -> Result<&'static dyn SignatureAlgorithm>

Get the signature algorithm for this key pair

pub fn from_rsa_keypair(keypair: &KeyPair) -> Result<Self>

Convert a legacy RSA KeyPair to a CryptoKeyPair

Trait Implementations§

impl Debug for CryptoKeyPair

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

impl Freeze for CryptoKeyPair

impl RefUnwindSafe for CryptoKeyPair

impl Send for CryptoKeyPair

impl Sync for CryptoKeyPair

impl Unpin for CryptoKeyPair

impl UnsafeUnpin for CryptoKeyPair

impl UnwindSafe for CryptoKeyPair

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more