Struct EcdsaP256SecretKey 

pub struct EcdsaP256SecretKey(/* private fields */);

Available on (crate features argon2 or ecdsa-p256 or ecdsa-p384 or ed25519 or hkdf or hmac or kmac or ml-kem or phc-strings or rsa or scrypt or x25519) and (crate features ecdsa-p256 or ecdsa-p384) only.

P-256 ECDSA secret scalar.

Implementations

impl EcdsaP256SecretKey

pub const LENGTH: usize = 32

P-256 secret scalar length in bytes.

pub fn from_bytes(bytes: [u8; 32]) -> Result<Self, EcdsaError>

Parse a P-256 secret scalar.

pub fn generate(fill: impl FnOnce(&mut [u8; 32])) -> Result<Self, EcdsaError>

Construct a P-256 secret key by filling bytes from the provided closure.

pub fn expose_secret(&self) -> SecretBytes<{ Self::LENGTH }>

Explicitly extract the secret key bytes into a zeroizing wrapper.

pub const fn as_bytes(&self) -> &[u8; 32]

Borrow the secret key bytes.

pub fn public_key(&self) -> EcdsaP256PublicKey

Derive the matching P-256 public key.

pub fn public_key_blinded( &self, fill: impl FnOnce(&mut [u8; 64]), ) -> EcdsaP256PublicKey

Derive the matching P-256 public key with caller-supplied blinding.

The closure should fill the buffer from a CSPRNG. Blinding does not change the public key; it randomizes the internal projective representation used during derivation.

pub fn try_sign(&self, message: &[u8]) -> Result<EcdsaP256Signature, EcdsaError>

Sign a message with P-256/SHA-256.

Errors

Returns EcdsaError::SigningFailure if deterministic nonce derivation produces an invalid ECDSA scalar. This is cryptographically negligible, but the API reports it instead of panicking.

pub fn try_sign_blinded( &self, message: &[u8], fill: impl FnOnce(&mut [u8; 64]), ) -> Result<EcdsaP256Signature, EcdsaError>

Sign a message with P-256/SHA-256 and caller-supplied blinding.

The closure should fill the buffer from a CSPRNG. The ECDSA nonce remains deterministic; the random bytes blind the internal projective kG point.

Errors

Returns EcdsaError::SigningFailure if deterministic nonce derivation reaches an invalid ECDSA scalar.

pub fn display_secret(&self) -> DisplaySecret<'_>

Returns a wrapper that displays the secret key bytes as lowercase hex.

Trait Implementations

impl Clone for EcdsaP256SecretKey

fn clone(&self) -> EcdsaP256SecretKey

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl ConstantTimeEq for EcdsaP256SecretKey

fn ct_eq(&self, other: &Self) -> bool

Returns true if self and other are equal.

impl Debug for EcdsaP256SecretKey

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Drop for EcdsaP256SecretKey

fn drop(&mut self)

Executes the destructor for this type.

fn pin_drop(self: Pin<&mut Self>)

🔬This is a nightly-only experimental API. (pin_ergonomics)

Execute the destructor for this type, but different to Drop::drop, it requires self to be pinned.

impl Eq for EcdsaP256SecretKey

impl PartialEq for EcdsaP256SecretKey

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.