Struct ssh_key::private::PrivateKey

pub struct PrivateKey { /* private fields */ }

SSH private key.

Implementations

impl PrivateKey

pub fn new(key_data: KeypairData, comment: impl Into<String>) -> Result<Self>

Available on crate feature alloc only.

Create a new unencrypted private key with the given keypair data and comment.

On no_std platforms, use PrivateKey::from(key_data) instead.

pub fn from_openssh(input: impl AsRef<[u8]>) -> Result<Self>

Parse an OpenSSH-formatted PEM private key.

OpenSSH-formatted private keys begin with the following:

-----BEGIN OPENSSH PRIVATE KEY-----

pub fn from_bytes(bytes: &[u8]) -> Result<Self>

Parse a raw binary SSH private key.

pub fn encode_openssh<'o>(
    &self,
    line_ending: LineEnding,
    out: &'o mut [u8]
) -> Result<&'o str>

Encode OpenSSH-formatted (PEM) private key.

pub fn to_openssh(&self, line_ending: LineEnding) -> Result<Zeroizing<String>>

Available on crate feature alloc only.

Encode an OpenSSH-formatted PEM private key, allocating a self-zeroizing String for the result.

pub fn to_bytes(&self) -> Result<Zeroizing<Vec<u8>>>

Available on crate feature alloc only.

Serialize SSH private key as raw bytes.

pub fn read_openssh_file(path: &Path) -> Result<Self>

Available on crate feature std only.

Read private key from an OpenSSH-formatted PEM file.

pub fn write_openssh_file(
    &self,
    path: &Path,
    line_ending: LineEnding
) -> Result<()>

Available on crate feature std only.

Write private key as an OpenSSH-formatted PEM file.

pub fn decrypt(&self, password: impl AsRef<[u8]>) -> Result<Self>

Available on crate feature encryption only.

Attempt to decrypt an encrypted private key using the provided password to derive an encryption key.

Returns Error::Decrypted if the private key is already decrypted.

pub fn encrypt(
    &self,
    rng: impl CryptoRng + RngCore,
    password: impl AsRef<[u8]>
) -> Result<Self>

Available on crate feature encryption only.

Encrypt an unencrypted private key using the provided password to derive an encryption key.

Uses the following algorithms:

• Cipher: Cipher::Aes256Ctr
• KDF: Kdf::Bcrypt (i.e. bcrypt-pbkdf)

Returns Error::Encrypted if the private key is already encrypted.

pub fn encrypt_with(
    &self,
    cipher: Cipher,
    kdf: Kdf,
    checkint: u32,
    password: impl AsRef<[u8]>
) -> Result<Self>

Available on crate feature encryption only.

Encrypt an unencrypted private key using the provided cipher and KDF configuration.

Returns Error::Encrypted if the private key is already encrypted.

pub fn algorithm(&self) -> Algorithm

Get the digital signature Algorithm used by this key.

pub fn comment(&self) -> &str

Comment on the key (e.g. email address).

pub fn cipher(&self) -> Cipher

Cipher algorithm (a.k.a. ciphername).

pub fn fingerprint(&self, hash_alg: HashAlg) -> Fingerprint

Available on crate feature fingerprint only.

Compute key fingerprint.

Use Default::default() to use the default hash function (SHA-256).

pub fn is_encrypted(&self) -> bool

Is this key encrypted?

pub fn kdf(&self) -> &Kdf

Key Derivation Function (KDF) used to encrypt this key.

Returns Kdf::None if this key is not encrypted.

pub fn key_data(&self) -> &KeypairData

Keypair data.

pub fn public_key(&self) -> &PublicKey

Get the PublicKey which corresponds to this private key.

pub fn random(
    rng: impl CryptoRng + RngCore,
    algorithm: Algorithm
) -> Result<Self>

Available on crate feature rand_core only.

Generate a random key which uses the given algorithm.

Returns

• Error::Algorithm if the algorithm is unsupported.

pub fn set_comment(&mut self, comment: impl Into<String>)

Available on crate feature alloc only.

Set the comment on the key.

Trait Implementations

impl Clone for PrivateKey

fn clone(&self) -> PrivateKey

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl ConstantTimeEq for PrivateKey

Available on crate feature subtle only.

fn ct_eq(&self, other: &Self) -> Choice

Determine if two items are equal.

impl Debug for PrivateKey

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<&PrivateKey> for KeyData

fn from(private_key: &PrivateKey) -> KeyData

Converts to this type from the input type.

impl From<&PrivateKey> for PublicKey

fn from(private_key: &PrivateKey) -> PublicKey

Converts to this type from the input type.

impl From<DsaKeypair> for PrivateKey

Available on crate feature alloc only.

fn from(keypair: DsaKeypair) -> PrivateKey

Converts to this type from the input type.

impl From<EcdsaKeypair> for PrivateKey

Available on crate feature ecdsa only.

fn from(keypair: EcdsaKeypair) -> PrivateKey

Converts to this type from the input type.

impl From<Ed25519Keypair> for PrivateKey

fn from(keypair: Ed25519Keypair) -> PrivateKey

Converts to this type from the input type.

impl From<PrivateKey> for KeyData

fn from(private_key: PrivateKey) -> KeyData

Converts to this type from the input type.

impl From<PrivateKey> for PublicKey

fn from(private_key: PrivateKey) -> PublicKey

Converts to this type from the input type.

impl From<RsaKeypair> for PrivateKey

Available on crate feature alloc only.

fn from(keypair: RsaKeypair) -> PrivateKey

Converts to this type from the input type.

impl From<SkEcdsaSha2NistP256> for PrivateKey

Available on crate features alloc and ecdsa only.

fn from(keypair: SkEcdsaSha2NistP256) -> PrivateKey

Converts to this type from the input type.

impl From<SkEd25519> for PrivateKey

Available on crate feature alloc only.

fn from(keypair: SkEd25519) -> PrivateKey

Converts to this type from the input type.

impl FromStr for PrivateKey

type Err = Error

The associated error which can be returned from parsing.

fn from_str(s: &str) -> Result<Self>

Parses a string s to return a value of this type.

impl PartialEq<PrivateKey> for PrivateKey

Available on crate feature subtle only.

fn eq(&self, other: &Self) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PemLabel for PrivateKey

const PEM_LABEL: &'static str = "OPENSSH PRIVATE KEY"

Expected PEM type label for a given document, e.g. "PRIVATE KEY"

fn validate_pem_label(actual: &str) -> Result<(), Error>

Validate that a given label matches the expected label.

impl Signer<Signature> for PrivateKey

fn try_sign(&self, message: &[u8]) -> Result<Signature>

Attempt to sign the given message, returning a digital signature on success, or an error if something went wrong.

fn sign(&self, msg: &[u8]) -> S

Sign the given message and return a digital signature

impl TryFrom<KeypairData> for PrivateKey

type Error = Error

The type returned in the event of a conversion error.

fn try_from(key_data: KeypairData) -> Result<PrivateKey>

Performs the conversion.

impl Eq for PrivateKey

Available on crate feature subtle only.