pub struct PublicKeyAlgorithmSpecification { /* private fields */ }Expand description
A full specification of a public key algorithm.
OpenPGP’s PublicKeyAlgorithm type does not completely specify
the public key algorithm. For some ECC keys, a curve parameter is
also required, and for some algorithms like RSA and DSA, a size
parameter is required. This data structure captures all of the
required parameters.
Implementations§
Source§impl PublicKeyAlgorithmSpecification
impl PublicKeyAlgorithmSpecification
Source§impl PublicKeyAlgorithmSpecification
impl PublicKeyAlgorithmSpecification
Sourcepub fn is_supported(&self) -> bool
pub fn is_supported(&self) -> bool
Returns whether this algorithm is supported.
Sourcepub fn for_signing(&self) -> bool
pub fn for_signing(&self) -> bool
Returns whether this algorithm is for signing.
Sourcepub fn for_encryption(&self) -> bool
pub fn for_encryption(&self) -> bool
Returns whether this algorithm is for signing.
Sourcepub fn rsa(bits: usize) -> Self
pub fn rsa(bits: usize) -> Self
RSA
According to RFC 9580, Section 9.1, RSA keys are deprecated and should not be generated, but may be interpreted.
Sourcepub fn dsa(bits: usize) -> Self
pub fn dsa(bits: usize) -> Self
DSA
According to RFC 9580, Section 9.1, DSA keys are deprecated and must not be generated.
This library still allows the generation of v4 DSA keys, but forbids the generation of v6 keys.
Sourcepub fn elgamal(bits: usize) -> Self
pub fn elgamal(bits: usize) -> Self
Elgamal
According to RFC 9580, Section 9.1, ElGamal keys are deprecated and must not be generated.
This library still allows the generation of v4 Elgamal keys, but forbids the generation of v6 keys.
Sourcepub fn legacy_ed25519() -> Self
pub fn legacy_ed25519() -> Self
Ed25519
D.J. Bernstein’s “Twisted” Edwards curve Ed25519.
RFC 9580, Section 9.1 deprecates this legacy variant of Cv25519 in favor of a new Ed25519 variant. However, if you are using v4 instead of v6 keys due to interopability concerns, then you should prefer the legacy algorithm as well.
Sourcepub fn legacy_cv25519() -> Self
pub fn legacy_cv25519() -> Self
Cv25519
Elliptic curve Diffie-Hellman using D.J. Bernstein’s Curve25519, legacy variant.
RFC 9580, Section 9.1 deprecates this legacy variant of Cv25519 in favor of a new X25519 variant. However, if you are using v4 instead of v6 keys due to interopability concerns, then you should prefer the legacy algorithm as well.
Sourcepub fn ed25519() -> Self
pub fn ed25519() -> Self
Cv25519
Elliptic curve Diffie-Hellman using D.J. Bernstein’s Curve25519, new variant.
This variant can be used with v4 keys, but if you are using v4
instead of v6 keys due to interopability concerns, then you
should prefer the legacy algorithm,
PublicKeyAlgorithmSpecification::legacy_ed25519 as well.
Sourcepub fn x25519() -> Self
pub fn x25519() -> Self
Cv25519
Elliptic curve Diffie-Hellman using D.J. Bernstein’s Curve25519, new variant.
This variant can be used with v4 keys, but if you are using v4
instead of v6 keys due to interopability concerns, then you
should prefer the legacy algorithm,
PublicKeyAlgorithmSpecification::legacy_cv25519 as well.
Sourcepub fn nistp256_for_encryption() -> Self
pub fn nistp256_for_encryption() -> Self
NIST curve P-256 for encryption.
Sourcepub fn nistp256_for_signing() -> Self
pub fn nistp256_for_signing() -> Self
NIST curve P-256 for signing.
Sourcepub fn nistp384_for_encryption() -> Self
pub fn nistp384_for_encryption() -> Self
NIST curve P-384 for encryption.
Sourcepub fn nistp384_for_signing() -> Self
pub fn nistp384_for_signing() -> Self
NIST curve P-384 for signing.
Sourcepub fn nistp521_for_encryption() -> Self
pub fn nistp521_for_encryption() -> Self
NIST curve P-521 for encryption.
Sourcepub fn nistp521_for_signing() -> Self
pub fn nistp521_for_signing() -> Self
NIST curve P-521 for signing.
Sourcepub fn brainpoolp256_for_encryption() -> Self
pub fn brainpoolp256_for_encryption() -> Self
BRAINPOOL curve P256r1 for encryption.
Sourcepub fn brainpoolp256_for_signing() -> Self
pub fn brainpoolp256_for_signing() -> Self
Brainpool curve P256r1 for signing.
Sourcepub fn brainpoolp384_for_encryption() -> Self
pub fn brainpoolp384_for_encryption() -> Self
Brainpool curve P384r1 for encryption.
Sourcepub fn brainpoolp384_for_signing() -> Self
pub fn brainpoolp384_for_signing() -> Self
Brainpool curve P384r1 for signing.
Sourcepub fn brainpoolp512_for_encryption() -> Self
pub fn brainpoolp512_for_encryption() -> Self
Brainpool curve P512r1 for encryption.
Sourcepub fn brainpoolp512_for_signing() -> Self
pub fn brainpoolp512_for_signing() -> Self
Brainpool curve P512r1 for signing.
Sourcepub fn mldsa65_ed25519() -> Self
pub fn mldsa65_ed25519() -> Self
MLDSA65+Ed25519.
MLDSA65+Ed25519 is a post-quantum secure signing algorithm, which includes a fallback to classical Ed25519. It’s appropriate for use in general-purpose certificates.
MLDSA65+Ed25519 is defined in RFC 9980.
Sourcepub fn mldsa87_ed448() -> Self
pub fn mldsa87_ed448() -> Self
MLDSA87+Ed448.
MLDSA87+Ed448 is a post-quantum secure signing algorithm, which includes a fallback to classical Ed448. It has a higher security margin than than MLDSA65+Ed25519 and is consequently slower.
MLDSA87+Ed448 is defined in RFC 9980.
Sourcepub fn slhdsa128s() -> Self
pub fn slhdsa128s() -> Self
SLHDSA128s.
SLHDSA128s is a post-quantum secure signing algorithm. There is more confidence that SLHDSA is secure than MLDSA and as such there is no classical fallback. SLHDSA is very slow and thus this algorithm is only recommended for infrequent signing (e.g., software releases) and asynchronous operations. SLHDSA128f is faster than SLHDSA128s (but still not recommended for frequent synchronous use), but it generates larger artifacts.
SLHDSA128s is defined in RFC 9980.
Sourcepub fn slhdsa128f() -> Self
pub fn slhdsa128f() -> Self
SLHDSA128f.
SLHDSA128f is a post-quantum secure signing algorithm. There is more confidence that SLHDSA is secure than MLDSA and as such there is no classical fallback. SLHDSA is very slow and thus this algorithm is only recommended for infrequent signing (e.g., software releases) and asynchronous operations. SLHDSA128f is faster than SLHDSA128s (but still not recommended for frequent synchronous use), but generates larger artifacts.
SLHDSA128f is defined in RFC 9980.
Sourcepub fn slhdsa256s() -> Self
pub fn slhdsa256s() -> Self
SLHDSA256s.
SLHDSA256s is a post-quantum secure signing algorithm. There is more confidence that SLHDSA is secure than MLDSA and as such there is no classical fallback. SLHDSA is very slow and thus this algorithm is only recommended for infrequent signing (e.g., software releases) and asynchronous operations. SLHDSA256s has a higher security margin than SLHDSA256s and SLHDSA256f and in consequently even slower.
SLHDSA256s is defined in RFC 9980.
Sourcepub fn mlkem768_x25519() -> Self
pub fn mlkem768_x25519() -> Self
MLKEM768+X25519.
MLKEM768+X25519 is a post-quantum secure encryption algorithm, which includes a fallback to classical X25519. It’s appropriate for use in general purpose certificates.
MLKEM768+X25519 is defined in RFC 9980.
Sourcepub fn mlkem1024_x448() -> Self
pub fn mlkem1024_x448() -> Self
MLKEM1024+X448.
MLKEM1024+X448 is a post-quantum secure encryption algorithm, which includes a fallback to classical X448. It has a higher security margin than than MLKEM768+X25519 and is consequently slower.
MLKEM1024+X448 is defined in RFC 9980.
Sourcepub fn generate_key(
&self,
profile: Profile,
) -> Result<Key<SecretParts, UnspecifiedRole>>
pub fn generate_key( &self, profile: Profile, ) -> Result<Key<SecretParts, UnspecifiedRole>>
Generates a key according to the specification.
Sourcepub fn generate_key_for<K>(
&self,
profile: Profile,
key_flags: K,
) -> Result<Key<SecretParts, UnspecifiedRole>>
pub fn generate_key_for<K>( &self, profile: Profile, key_flags: K, ) -> Result<Key<SecretParts, UnspecifiedRole>>
Generates a key according to the specification and checks that it is compatible with the key flags.
Trait Implementations§
Source§impl Clone for PublicKeyAlgorithmSpecification
impl Clone for PublicKeyAlgorithmSpecification
Source§fn clone(&self) -> PublicKeyAlgorithmSpecification
fn clone(&self) -> PublicKeyAlgorithmSpecification
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read more