Struct EndpointKey

pub struct EndpointKey {
    pub validity: Duration,
    /* private fields */
}

A key pair that identifies and authenticates an Endpoint.

Fields

validity: Duration

How long certificates should be valid for. Defaults to 2 minutes.

Implementations

impl EndpointKey

pub fn generate() -> Result<Self, Error>

Generate a new random key using the default scheme.

pub fn generate_for(scheme: SigScheme) -> Result<Self, Error>

Generate a new random key using a particular scheme.

pub fn load(key: KeyPair, scheme: SigScheme) -> Self

Load an existing key from a rcgen::KeyPair.

Panics if scheme doesn’t match the keypair.

Methods from Deref<Target = KeyPair>

pub fn algorithm(&self) -> &'static SignatureAlgorithm

Returns the key pair’s signature algorithm

pub fn public_key_raw(&self) -> &[u8]

Get the raw public key of this key pair

The key is in raw format, as how ring::signature::KeyPair::public_key would output, and how ring::signature::UnparsedPublicKey::verify would accept.

pub fn is_compatible(&self, signature_algorithm: &SignatureAlgorithm) -> bool

Check if this key pair can be used with the given signature algorithm

pub fn compatible_algs( &self, ) -> impl Iterator<Item = &'static SignatureAlgorithm>

Returns (possibly multiple) compatible SignatureAlgorithm’s that the key can be used with

pub fn public_key_der(&self) -> Vec<u8>

Return the key pair’s public key in DER format

The key is formatted according to the SubjectPublicKeyInfo struct of X.509. See RFC 5280 section 4.1.

pub fn public_key_pem(&self) -> String

Return the key pair’s public key in PEM format

The returned string can be interpreted with openssl pkey --inform PEM -pubout -pubin -text

pub fn serialize_der(&self) -> Vec<u8>

Serializes the key pair (including the private key) in PKCS#8 format in DER

Panics if called on a remote key pair.

pub fn serialized_der(&self) -> &[u8]

Returns a reference to the serialized key pair (including the private key) in PKCS#8 format in DER

Panics if called on a remote key pair.

pub fn as_remote(&self) -> Option<&(dyn RemoteKeyPair + Sync + Send)>

Access the remote key pair if it is a remote one

pub fn serialize_pem(&self) -> String

Serializes the key pair (including the private key) in PKCS#8 format in PEM

Trait Implementations

impl Clone for EndpointKey

fn clone(&self) -> EndpointKey

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for EndpointKey

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Deref for EndpointKey

type Target = KeyPair

The resulting type after dereferencing.

fn deref(&self) -> &Self::Target

Dereferences the value.

impl ResolvesClientCert for EndpointKey

fn resolve( &self, _hints: &[&[u8]], schemes: &[SignatureScheme], ) -> Option<Arc<CertifiedKey>>

Resolve a client certificate chain/private key to use as the client’s identity.

fn has_certs(&self) -> bool

Return true if any certificates at all are available.

fn only_raw_public_keys(&self) -> bool

Return true if the client only supports raw public keys.

impl ResolvesServerCert for EndpointKey

fn resolve(&self, _hello: ClientHello<'_>) -> Option<Arc<CertifiedKey>>

Choose a certificate chain and matching key given simplified ClientHello information.

fn only_raw_public_keys(&self) -> bool

Return true when the server only supports raw public keys.