Struct pkcs8::PrivateKeyInfo

source ·
pub struct PrivateKeyInfo<'a> {
    pub algorithm: AlgorithmIdentifierRef<'a>,
    pub private_key: &'a [u8],
    pub public_key: Option<&'a [u8]>,
}
Expand description

PKCS#8 PrivateKeyInfo.

ASN.1 structure containing an AlgorithmIdentifier, private key data in an algorithm specific format, and optional attributes (ignored by this implementation).

Supports PKCS#8 v1 as described in RFC 5208 and PKCS#8 v2 as described in RFC 5958. PKCS#8 v2 keys include an additional public key field.

PKCS#8 v1 PrivateKeyInfo

Described in RFC 5208 Section 5:

PrivateKeyInfo ::= SEQUENCE {
        version                   Version,
        privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
        privateKey                PrivateKey,
        attributes           [0]  IMPLICIT Attributes OPTIONAL }

Version ::= INTEGER

PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier

PrivateKey ::= OCTET STRING

Attributes ::= SET OF Attribute

PKCS#8 v2 OneAsymmetricKey

PKCS#8 OneAsymmetricKey as described in RFC 5958 Section 2:

PrivateKeyInfo ::= OneAsymmetricKey

OneAsymmetricKey ::= SEQUENCE {
    version                   Version,
    privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
    privateKey                PrivateKey,
    attributes            [0] Attributes OPTIONAL,
    ...,
    [[2: publicKey        [1] PublicKey OPTIONAL ]],
    ...
  }

Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2)

PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier

PrivateKey ::= OCTET STRING

Attributes ::= SET OF Attribute

PublicKey ::= BIT STRING

Fields§

§algorithm: AlgorithmIdentifierRef<'a>

X.509 AlgorithmIdentifier for the private key type.

§private_key: &'a [u8]

Private key data.

§public_key: Option<&'a [u8]>

Public key data, optionally available if version is V2.

Implementations§

source§

impl<'a> PrivateKeyInfo<'a>

source

pub fn new(algorithm: AlgorithmIdentifierRef<'a>, private_key: &'a [u8]) -> Self

Create a new PKCS#8 PrivateKeyInfo message.

This is a helper method which initializes attributes and public_key to None, helpful if you aren’t using those.

source

pub fn version(&self) -> Version

Get the PKCS#8 Version for this structure.

Version::V1 if public_key is None, Version::V2 if Some.

source

pub fn encrypt( &self, rng: impl CryptoRng + RngCore, password: impl AsRef<[u8]> ) -> Result<SecretDocument>

Available on crate feature encryption only.

Encrypt this private key using a symmetric encryption key derived from the provided password.

Uses the following algorithms for encryption:

  • PBKDF: scrypt with default parameters:
    • log₂(N): 15
    • r: 8
    • p: 1
  • Cipher: AES-256-CBC (best available option for PKCS#5 encryption)
source

pub fn encrypt_with_params( &self, pbes2_params: Parameters<'_>, password: impl AsRef<[u8]> ) -> Result<SecretDocument>

Available on crate feature encryption only.

Encrypt this private key using a symmetric encryption key derived from the provided password and pbes2::Parameters.

Trait Implementations§

source§

impl<'a> Clone for PrivateKeyInfo<'a>

source§

fn clone(&self) -> PrivateKeyInfo<'a>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<'a> ConstantTimeEq for PrivateKeyInfo<'a>

Available on crate feature subtle only.
source§

fn ct_eq(&self, other: &Self) -> Choice

Determine if two items are equal. Read more
source§

impl<'a> Debug for PrivateKeyInfo<'a>

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<'a> DecodeValue<'a> for PrivateKeyInfo<'a>

source§

fn decode_value<R: Reader<'a>>( reader: &mut R, header: Header ) -> Result<PrivateKeyInfo<'a>>

Attempt to decode this message using the provided Reader.
source§

impl EncodeValue for PrivateKeyInfo<'_>

source§

fn value_len(&self) -> Result<Length>

Compute the length of this value (sans [Tag]+Length header) when encoded as ASN.1 DER.
source§

fn encode_value(&self, writer: &mut impl Writer) -> Result<()>

Encode value (sans [Tag]+Length header) as ASN.1 DER using the provided Writer.
source§

fn header(&self) -> Result<Header, Error>where Self: Tagged,

Get the Header used to encode this value.
source§

impl<'a> PartialEq<PrivateKeyInfo<'a>> for PrivateKeyInfo<'a>

Available on crate feature subtle only.
source§

fn eq(&self, other: &Self) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl PemLabel for PrivateKeyInfo<'_>

Available on crate feature pem only.
source§

const PEM_LABEL: &'static str = "PRIVATE KEY"

Expected PEM type label for a given document, e.g. "PRIVATE KEY"
§

fn validate_pem_label(actual: &str) -> Result<(), Error>

Validate that a given label matches the expected label.
source§

impl<'a> TryFrom<&'a [u8]> for PrivateKeyInfo<'a>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(bytes: &'a [u8]) -> Result<Self>

Performs the conversion.
source§

impl TryFrom<&PrivateKeyInfo<'_>> for SecretDocument

Available on crate feature alloc only.
§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(private_key: &PrivateKeyInfo<'_>) -> Result<SecretDocument>

Performs the conversion.
source§

impl TryFrom<PrivateKeyInfo<'_>> for SecretDocument

Available on crate feature alloc only.
§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(private_key: PrivateKeyInfo<'_>) -> Result<SecretDocument>

Performs the conversion.
source§

impl<'a> Eq for PrivateKeyInfo<'a>

Available on crate feature subtle only.
source§

impl<'a> Sequence<'a> for PrivateKeyInfo<'a>

Auto Trait Implementations§

§

impl<'a> RefUnwindSafe for PrivateKeyInfo<'a>

§

impl<'a> Send for PrivateKeyInfo<'a>

§

impl<'a> Sync for PrivateKeyInfo<'a>

§

impl<'a> Unpin for PrivateKeyInfo<'a>

§

impl<'a> UnwindSafe for PrivateKeyInfo<'a>

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

const: unstable · source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

const: unstable · source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<'a, T> Choice<'a> for Twhere T: Decode<'a> + FixedTag,

source§

fn can_decode(tag: Tag) -> bool

Is the provided Tag decodable as a variant of this CHOICE?
source§

impl<'a, T> Decode<'a> for Twhere T: DecodeValue<'a> + FixedTag,

source§

fn decode<R>(reader: &mut R) -> Result<T, Error>where R: Reader<'a>,

Attempt to decode this message using the provided decoder.
source§

fn from_der(bytes: &'a [u8]) -> Result<Self, Error>

Parse Self from the provided DER-encoded byte slice.
source§

impl<T> DecodePem for Twhere T: DecodeOwned + PemLabel,

source§

fn from_pem(pem: impl AsRef<[u8]>) -> Result<T, Error>

Try to decode this type from PEM.
source§

impl<T> Encode for Twhere T: EncodeValue + Tagged,

source§

fn encoded_len(&self) -> Result<Length, Error>

Compute the length of this value in bytes when encoded as ASN.1 DER.

source§

fn encode(&self, writer: &mut impl Writer) -> Result<(), Error>

Encode this value as ASN.1 DER using the provided Writer.

source§

fn encode_to_slice<'a>(&self, buf: &'a mut [u8]) -> Result<&'a [u8], Error>

Encode this value to the provided byte slice, returning a sub-slice containing the encoded message.
source§

fn encode_to_vec(&self, buf: &mut Vec<u8, Global>) -> Result<Length, Error>

Available on crate feature alloc only.
Encode this message as ASN.1 DER, appending it to the provided byte vector.
source§

fn to_der(&self) -> Result<Vec<u8, Global>, Error>

Available on crate feature alloc only.
Encode this type as DER, returning a byte vector.
source§

impl<T> EncodePem for Twhere T: Encode + PemLabel,

source§

fn to_pem(&self, line_ending: LineEnding) -> Result<String, Error>

Try to encode this type as PEM.
source§

impl<'a, S> FixedTag for Swhere S: Sequence<'a>,

source§

const TAG: Tag = Tag::Sequence

ASN.1 tag
source§

impl<T> From<T> for T

const: unstable · source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for Twhere U: From<T>,

const: unstable · source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T> Tagged for Twhere T: FixedTag,

source§

fn tag(&self) -> Tag

Get the ASN.1 tag that this type is encoded with.
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
const: unstable · source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
const: unstable · source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> DecodeOwned for Twhere T: for<'a> Decode<'a>,