Struct ssh_key::certificate::Builder
source · [−]pub struct Builder { /* private fields */ }alloc only.Expand description
OpenSSH certificate builder.
This type provides the core functionality of an OpenSSH certificate authority.
It can build and sign OpenSSH certificates.
Principals
Certificates are valid for a specific set of principal names:
- Usernames for
CertType::User. - Hostnames for
CertType::Host.
When building a certificate, you will either need to specify principals
by calling Builder::valid_principal one or more times, or explicitly
marking a certificate as valid for all principals (i.e. “golden ticket”)
using the Builder::all_principals_valid method.
Example
use ssh_key::{Algorithm, PrivateKey, certificate, rand_core::OsRng};
use std::time::{SystemTime, UNIX_EPOCH};
// Generate the certificate authority's private key
let ca_key = PrivateKey::random(&mut OsRng, Algorithm::Ed25519)?;
// Generate a "subject" key to be signed by the certificate authority.
// Normally a user or host would do this locally and give the certificate
// authority the public key.
let subject_private_key = PrivateKey::random(&mut OsRng, Algorithm::Ed25519)?;
let subject_public_key = subject_private_key.public_key();
// Create certificate validity window
let valid_after = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs();
let valid_before = valid_after + (365 * 86400); // e.g. 1 year
// Initialize certificate builder
let mut cert_builder = certificate::Builder::new_with_random_nonce(
&mut OsRng,
subject_public_key,
valid_after,
valid_before,
);
cert_builder.serial(42)?; // Optional: serial number chosen by the CA
cert_builder.key_id("nobody-cert-02")?; // Optional: CA-specific key identifier
cert_builder.cert_type(certificate::CertType::User)?; // User or host certificate
cert_builder.valid_principal("nobody")?; // Unix username or hostname
cert_builder.comment("nobody@example.com")?; // Comment (typically an email address)
// Sign and return the `Certificate` for `subject_public_key`
let cert = cert_builder.sign(&ca_key)?;Implementations
sourceimpl Builder
impl Builder
sourcepub const RECOMMENDED_NONCE_SIZE: usize
pub const RECOMMENDED_NONCE_SIZE: usize
Recommended size for a nonce.
sourcepub fn new(
nonce: impl Into<Vec<u8>>,
public_key: impl Into<KeyData>,
valid_after: u64,
valid_before: u64
) -> Self
pub fn new(
nonce: impl Into<Vec<u8>>,
public_key: impl Into<KeyData>,
valid_after: u64,
valid_before: u64
) -> Self
Create a new certificate builder for the given subject’s public key.
Also requires a nonce (random value typically 16 or 32 bytes long) and the validity window of the certificate as Unix seconds.
sourcepub fn new_with_random_nonce(
rng: impl CryptoRng + RngCore,
public_key: impl Into<KeyData>,
valid_after: u64,
valid_before: u64
) -> Self
This is supported on crate feature rand_core only.
pub fn new_with_random_nonce(
rng: impl CryptoRng + RngCore,
public_key: impl Into<KeyData>,
valid_after: u64,
valid_before: u64
) -> Self
rand_core only.Create a new certificate builder, generating a random nonce using the provided random number generator.
sourcepub fn serial(&mut self, serial: u64) -> Result<&mut Self>
pub fn serial(&mut self, serial: u64) -> Result<&mut Self>
Set certificate serial number.
Default: 0.
sourcepub fn cert_type(&mut self, cert_type: CertType) -> Result<&mut Self>
pub fn cert_type(&mut self, cert_type: CertType) -> Result<&mut Self>
Set certificate type: user or host.
Default: CertType::User.
sourcepub fn key_id(&mut self, key_id: impl Into<String>) -> Result<&mut Self>
pub fn key_id(&mut self, key_id: impl Into<String>) -> Result<&mut Self>
Set key ID: label to identify this particular certificate.
Default ""
sourcepub fn valid_principal(
&mut self,
principal: impl Into<String>
) -> Result<&mut Self>
pub fn valid_principal(
&mut self,
principal: impl Into<String>
) -> Result<&mut Self>
Add a principal (i.e. username or hostname) to valid_principals.
sourcepub fn all_principals_valid(&mut self) -> Result<&mut Self>
pub fn all_principals_valid(&mut self) -> Result<&mut Self>
Mark this certificate as being valid for all principals.
⚠️ Security Warning
Use this method with care! It generates “golden ticket” certificates which can e.g. authenticate as any user on a system, or impersonate any host.
sourcepub fn critical_option(
&mut self,
name: impl Into<String>,
data: impl Into<String>
) -> Result<&mut Self>
pub fn critical_option(
&mut self,
name: impl Into<String>,
data: impl Into<String>
) -> Result<&mut Self>
Add a critical option to this certificate.
Critical options must be recognized or the certificate must be rejected.
sourcepub fn extension(
&mut self,
name: impl Into<String>,
data: impl Into<String>
) -> Result<&mut Self>
pub fn extension(
&mut self,
name: impl Into<String>,
data: impl Into<String>
) -> Result<&mut Self>
Add an extension to this certificate.
Extensions can be unrecognized without impacting the certificate.
sourcepub fn comment(&mut self, comment: impl Into<String>) -> Result<&mut Self>
pub fn comment(&mut self, comment: impl Into<String>) -> Result<&mut Self>
Add a comment to this certificate.
Default ""
sourcepub fn sign<S: SigningKey>(self, signing_key: &S) -> Result<Certificate>
pub fn sign<S: SigningKey>(self, signing_key: &S) -> Result<Certificate>
Sign the certificate using the provided signer type.
The PrivateKey type can be used as a signer.
Auto Trait Implementations
impl RefUnwindSafe for Builder
impl Send for Builder
impl Sync for Builder
impl Unpin for Builder
impl UnwindSafe for Builder
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more