Skip to main content

PrivateKeyInfo

pkcs8

Struct PrivateKeyInfo 

Source 
pub struct PrivateKeyInfo<Params, Key, PubKey> {
    pub algorithm: AlgorithmIdentifier<Params>,
    pub private_key: Key,
    pub public_key: Option<PubKey>,
}
Expand description

PKCS#8 PrivateKeyInfo.

ASN.1 structure containing an AlgorithmIdentifier, private key data in an algorithm specific format, and optional attributes (ignored by this implementation).

Supports PKCS#8 v1 as described in RFC 5208 and PKCS#8 v2 as described in RFC 5958. PKCS#8 v2 keys include an additional public key field.

§PKCS#8 v1 PrivateKeyInfo

Described in RFC 5208 Section 5:

PrivateKeyInfo ::= SEQUENCE {
        version                   Version,
        privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
        privateKey                PrivateKey,
        attributes           [0]  IMPLICIT Attributes OPTIONAL }

Version ::= INTEGER

PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier

PrivateKey ::= OCTET STRING

Attributes ::= SET OF Attribute

§PKCS#8 v2 OneAsymmetricKey

PKCS#8 OneAsymmetricKey as described in RFC 5958 Section 2:

PrivateKeyInfo ::= OneAsymmetricKey

OneAsymmetricKey ::= SEQUENCE {
    version                   Version,
    privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
    privateKey                PrivateKey,
    attributes            [0] Attributes OPTIONAL,
    ...,
    [[2: publicKey        [1] PublicKey OPTIONAL ]],
    ...
  }

Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2)

PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier

PrivateKey ::= OCTET STRING

Attributes ::= SET OF Attribute

PublicKey ::= BIT STRING

Fields§

§algorithm: AlgorithmIdentifier<Params>

X.509 AlgorithmIdentifier for the private key type.

§private_key: Key

Private key data. Exact content format is different between algorithms.

§public_key: Option<PubKey>

Public key data, optionally available if version is V2.

Implementations§

Source§

impl<Params, Key, PubKey> PrivateKeyInfo<Params, Key, PubKey>

Source

pub fn new(algorithm: AlgorithmIdentifier<Params>, private_key: Key) -> Self

Create a new PKCS#8 PrivateKeyInfo message.

This is a helper method which initializes attributes and public_key to None, helpful if you aren’t using those.

Source

pub fn version(&self) -> Version

Get the PKCS#8 Version for this structure.

Version::V1 if public_key is None, Version::V2 if Some.

Source§

impl<'a, Params, Key, PubKey> PrivateKeyInfo<Params, Key, PubKey>
where Params: Choice<'a, Error = Error> + Encode, Key: DecodeValue<'a, Error = Error> + FixedTag + 'a + EncodeValue, PubKey: DecodeValue<'a, Error = Error> + FixedTag + 'a + BitStringLike,

Source

pub fn encrypt(&self, password: impl AsRef<[u8]>) -> Result<SecretDocument>

Available on crate feature getrandom only.

Encrypt this private key using an encryption key derived from the provided password.

Uses the following algorithms for encryption:

  • PBKDF: scrypt with default parameters:
    • log₂(N): 15
    • r: 8
    • p: 1
  • Cipher: AES-256-CBC (best available option for PKCS#5 encryption)
§Errors
  • Propagates errors from calling Encode::to_der on Self.
  • Returns errors in the event encryption failed.
Source

pub fn encrypt_with_rng<R: TryCryptoRng>( &self, rng: &mut R, password: impl AsRef<[u8]>, ) -> Result<SecretDocument>

Available on crate feature encryption only.

Encrypt this private key using an encryption key derived from the provided password.

This function allows the RNG used to derive the salt/IV to be specified directly.

§Errors
  • Propagates errors from calling Encode::to_der on Self.
  • Returns errors in the event encryption failed.
Source

pub fn encrypt_with_params( &self, pbes2_params: Parameters, password: impl AsRef<[u8]>, ) -> Result<SecretDocument>

Available on crate feature encryption only.

Encrypt this private key using a symmetric encryption key derived from the provided password and pbes2::Parameters.

§Errors
  • Propagates errors from calling Encode::to_der on Self.
  • Returns errors in the event encryption failed.

Trait Implementations§

Source§

impl<Params: Clone, Key: Clone, PubKey: Clone> Clone for PrivateKeyInfo<Params, Key, PubKey>

Source§

fn clone(&self) -> PrivateKeyInfo<Params, Key, PubKey>

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<Params, Key, PubKey> CtEq for PrivateKeyInfo<Params, Key, PubKey>
where Params: Eq, Key: PartialEq + AsRef<[u8]>, PubKey: PartialEq,

Available on crate feature ctutils only.
Source§

fn ct_eq(&self, other: &Self) -> Choice

Determine if self is equal to other in constant-time.
Source§

fn ct_ne(&self, other: &Rhs) -> Choice

Determine if self is NOT equal to other in constant-time.
Source§

impl<Params, Key, PubKey> Debug for PrivateKeyInfo<Params, Key, PubKey>
where Params: Debug, PubKey: Debug,

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'a, Params, Key, PubKey> DecodeValue<'a> for PrivateKeyInfo<Params, Key, PubKey>
where Params: Choice<'a, Error = Error> + Encode, Key: DecodeValue<'a, Error = Error> + FixedTag + 'a, PubKey: DecodeValue<'a, Error = Error> + FixedTag + 'a,

Source§

type Error = Error

Type returned in the event of a decoding error.
Source§

fn decode_value<R: Reader<'a>>(reader: &mut R, _header: Header) -> Result<Self>

Attempt to decode this value using the provided Reader. Read more
Source§

impl<'a, Params, Key, PubKey> EncodeValue for PrivateKeyInfo<Params, Key, PubKey>
where Params: Choice<'a, Error = Error> + Encode, Key: EncodeValue + FixedTag, PubKey: BitStringLike,

Source§

fn value_len(&self) -> Result<Length>

Compute the length of this value (sans [Tag]+Length header) when encoded as ASN.1 DER. Read more
Source§

fn encode_value(&self, writer: &mut impl Writer) -> Result<()>

Encode value (sans [Tag]+Length header) as ASN.1 DER using the provided Writer. Read more
Source§

fn header(&self) -> Result<Header, Error>
where Self: Tagged,

Get the Header used to encode this value. Read more
Source§

impl<Params, Key, PubKey> PartialEq for PrivateKeyInfo<Params, Key, PubKey>
where Params: Eq, Key: PartialEq + AsRef<[u8]>, PubKey: PartialEq,

Available on crate feature ctutils only.
Source§

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<Params, Key, PubKey> PemLabel for PrivateKeyInfo<Params, Key, PubKey>

Available on crate feature pem only.
Source§

const PEM_LABEL: &'static str = "PRIVATE KEY"

Expected PEM type label for a given document, e.g. "PRIVATE KEY"
Source§

fn validate_pem_label(actual: &str) -> Result<(), Error>

Validate that a given label matches the expected label.
Source§

impl<'a, Params, Key, PubKey> TryFrom<&'a [u8]> for PrivateKeyInfo<Params, Key, PubKey>
where Params: Choice<'a, Error = Error> + Encode, Key: DecodeValue<'a, Error = Error> + FixedTag + 'a + EncodeValue, PubKey: DecodeValue<'a, Error = Error> + FixedTag + 'a + BitStringLike,

Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

fn try_from(bytes: &'a [u8]) -> Result<Self>

Performs the conversion.
Source§

impl<'a, Params, Key, PubKey> TryFrom<&PrivateKeyInfo<Params, Key, PubKey>> for SecretDocument
where Params: Choice<'a, Error = Error> + Encode, Key: DecodeValue<'a, Error = Error> + FixedTag + 'a + EncodeValue, PubKey: DecodeValue<'a, Error = Error> + FixedTag + 'a + BitStringLike,

Available on crate feature alloc only.
Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

fn try_from( private_key: &PrivateKeyInfo<Params, Key, PubKey>, ) -> Result<SecretDocument>

Performs the conversion.
Source§

impl<'a, Params, Key, PubKey> TryFrom<PrivateKeyInfo<Params, Key, PubKey>> for SecretDocument
where Params: Choice<'a, Error = Error> + Encode, Key: DecodeValue<'a, Error = Error> + FixedTag + 'a + EncodeValue, PubKey: DecodeValue<'a, Error = Error> + FixedTag + 'a + BitStringLike,

Available on crate feature alloc only.
Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

fn try_from( private_key: PrivateKeyInfo<Params, Key, PubKey>, ) -> Result<SecretDocument>

Performs the conversion.
Source§

impl<Params, Key, PubKey> Eq for PrivateKeyInfo<Params, Key, PubKey>
where Params: Eq, Key: AsRef<[u8]> + Eq, PubKey: Eq,

Available on crate feature ctutils only.
Source§

impl<'a, Params, Key, PubKey> Sequence<'a> for PrivateKeyInfo<Params, Key, PubKey>
where Params: Choice<'a, Error = Error> + Encode, Key: DecodeValue<'a, Error = Error> + FixedTag + 'a + EncodeValue, PubKey: DecodeValue<'a, Error = Error> + FixedTag + 'a + BitStringLike,

Auto Trait Implementations§

§

impl<Params, Key, PubKey> Freeze for PrivateKeyInfo<Params, Key, PubKey>
where Key: Freeze, PubKey: Freeze, Params: Freeze,

§

impl<Params, Key, PubKey> RefUnwindSafe for PrivateKeyInfo<Params, Key, PubKey>
where Key: RefUnwindSafe, PubKey: RefUnwindSafe, Params: RefUnwindSafe,

§

impl<Params, Key, PubKey> Send for PrivateKeyInfo<Params, Key, PubKey>
where Key: Send, PubKey: Send, Params: Send,

§

impl<Params, Key, PubKey> Sync for PrivateKeyInfo<Params, Key, PubKey>
where Key: Sync, PubKey: Sync, Params: Sync,

§

impl<Params, Key, PubKey> Unpin for PrivateKeyInfo<Params, Key, PubKey>
where Key: Unpin, PubKey: Unpin, Params: Unpin,

§

impl<Params, Key, PubKey> UnsafeUnpin for PrivateKeyInfo<Params, Key, PubKey>
where Key: UnsafeUnpin, PubKey: UnsafeUnpin, Params: UnsafeUnpin,

§

impl<Params, Key, PubKey> UnwindSafe for PrivateKeyInfo<Params, Key, PubKey>
where Key: UnwindSafe, PubKey: UnwindSafe, Params: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<'a, T> Choice<'a> for T
where T: Decode<'a> + FixedTag,

Source§

fn can_decode(tag: Tag) -> bool

Is the provided Tag decodable as a variant of this CHOICE?
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<'a, T> Decode<'a> for T
where T: DecodeValue<'a> + FixedTag + 'a,

Source§

type Error = <T as DecodeValue<'a>>::Error

Type returned in the event of a decoding error.
Source§

fn decode<R>(reader: &mut R) -> Result<T, <T as DecodeValue<'a>>::Error>
where R: Reader<'a>,

Attempt to decode this TLV message using the provided decoder. Read more
Source§

fn from_der(bytes: &'a [u8]) -> Result<Self, Self::Error>

Parse Self from the provided DER-encoded byte slice. Read more
Source§

fn from_der_partial(bytes: &'a [u8]) -> Result<(Self, &'a [u8]), Self::Error>

Parse Self from the provided DER-encoded byte slice. Read more
Source§

impl<T> DecodePem for T
where T: DecodeOwned<Error = Error> + PemLabel,

Source§

fn from_pem(pem: impl AsRef<[u8]>) -> Result<T, Error>

Try to decode this type from PEM. Read more
Source§

impl<T> Encode for T
where T: EncodeValue + Tagged + ?Sized,

Source§

fn encoded_len(&self) -> Result<Length, Error>

Compute the length of this TLV object in bytes when encoded as ASN.1 DER. Read more
Source§

fn encode(&self, writer: &mut impl Writer) -> Result<(), Error>

Encode this TLV object as ASN.1 DER using the provided Writer. Read more
Source§

fn encode_to_slice<'a>(&self, buf: &'a mut [u8]) -> Result<&'a [u8], Error>

Encode this TLV object to the provided byte slice, returning a sub-slice containing the encoded message. Read more
Source§

fn encode_to_vec(&self, buf: &mut Vec<u8>) -> Result<Length, Error>

Available on crate feature alloc only.
Encode this TLV object as ASN.1 DER, appending it to the provided byte vector. Read more
Source§

fn to_der(&self) -> Result<Vec<u8>, Error>

Available on crate feature alloc only.
Encode this TLV object as ASN.1 DER, returning a byte vector. Read more
Source§

impl<T> EncodePem for T
where T: Encode + PemLabel + ?Sized,

Source§

fn to_pem(&self, line_ending: LineEnding) -> Result<String, Error>

Try to encode this type as PEM. Read more
Source§

impl<'a, S> FixedTag for S
where S: Sequence<'a>,

Source§

const TAG: Tag = Tag::Sequence

ASN.1 tag
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IsConstructed for T
where T: FixedTag + ?Sized,

Source§

const CONSTRUCTED: bool

ASN.1 constructed bit
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> Tagged for T
where T: FixedTag + ?Sized,

Source§

fn tag(&self) -> Tag

Get the ASN.1 tag that this type is encoded with.
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DecodeOwned for T
where T: for<'a> Decode<'a>,