Function xstack_x509::generate

pub async fn generate(
    keypair: &KeyStore,
) -> Result<(Vec<u8>, Zeroizing<Vec<u8>>)>

In order to be able to use arbitrary key types, peers don’t use their host key to sign the X.509 certificate they send during the handshake. Instead, the host key is encoded into the libp2p Public Key Extension, which is carried in a self-signed certificate.

The key used to generate and sign this certificate SHOULD NOT be related to the host’s key. Endpoints MAY generate a new key and certificate for every connection attempt, or they MAY reuse the same key and certificate for multiple connections.

The keypair argument is the host key provider.

On success

This function returns:

  • The X.509 certificate, encoded as ASN.1 DER.
  • The private key used to generate and sign this X.509 certificate.

// let (cert, pk) = xstack_x509::generate(switch.keystore()).await?;
// let cert = X509::from_der(&cert)?;
// let pk = pkey::PKey::from_ec_key(ec::EcKey::private_key_from_der(&pk)?)?;

Refer to the tcp and quic crates for the complete code.
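The libp2p Public Key Extension described above binds the host key to the certificate key. The following added example is not code from xstack and goes beyond this page: it follows the libp2p TLS specification, under which the extension carries a DER `SignedKey` and the host key signs a fixed prefix plus the certificate's SubjectPublicKeyInfo. The function names are hypothetical, the key and signature bytes are constructed placeholders, and no signature is computed or verified.

```rust
// Added example (not xstack code): SignedKey payload of the libp2p Public Key Extension.
const PREFIX: &[u8] = b"libp2p-tls-handshake:";

/// Bytes the host key signs: PREFIX || DER SubjectPublicKeyInfo of the certificate key.
fn signing_payload(cert_spki_der: &[u8]) -> Vec<u8> {
    [PREFIX, cert_spki_der].concat()
}

/// DER tag-length-value with a definite length in short or long form.
fn tlv(tag: u8, body: &[u8]) -> Vec<u8> {
    let be: Vec<u8> = body.len().to_be_bytes().iter().copied().skip_while(|b| *b == 0).collect();
    let mut out = vec![tag, if body.len() < 0x80 { body.len() as u8 } else { 0x80 | be.len() as u8 }];
    if body.len() >= 0x80 { out.extend(be); }
    out.extend_from_slice(body);
    out
}

/// SignedKey ::= SEQUENCE { publicKey OCTET STRING, signature OCTET STRING }
fn encode_signed_key(host_pubkey: &[u8], signature: &[u8]) -> Vec<u8> {
    tlv(0x30, &[tlv(0x04, host_pubkey), tlv(0x04, signature)].concat())
}

/// Reads one TLV with the expected tag and returns (body, remaining bytes).
fn read_tlv(tag: u8, der: &[u8]) -> Option<(&[u8], &[u8])> {
    let (&t, rest) = der.split_first()?;
    let (&l, mut rest) = rest.split_first()?;
    let mut len = l as usize;
    if l >= 0x80 {
        let k = (l & 0x7f) as usize;
        if k == 0 || k > 4 || rest.len() < k { return None; }
        len = rest[..k].iter().fold(0, |a, b| (a << 8) | *b as usize);
        rest = &rest[k..];
    }
    if t != tag || rest.len() < len { return None; }
    Some(rest.split_at(len))
}

/// Decodes SignedKey, rejecting wrong tags, truncation and trailing bytes.
fn decode_signed_key(der: &[u8]) -> Option<(Vec<u8>, Vec<u8>)> {
    let (seq, tail) = read_tlv(0x30, der)?;
    let (pk, rest) = read_tlv(0x04, seq)?;
    let (sig, rest2) = read_tlv(0x04, rest)?;
    if tail.is_empty() && rest2.is_empty() { Some((pk.to_vec(), sig.to_vec())) } else { None }
}

fn main() {
    let der = encode_signed_key(&[0xAA; 36], &[0xBB; 64]); // constructed placeholder bytes
    println!("{} bytes, round-trips: {}", der.len(), decode_signed_key(&der).is_some());
}
```

A verifier would decode the extension this way, rebuild `signing_payload` from the certificate it actually received, and check the signature with the decoded host public key, so a certificate that reuses another peer's extension fails the check.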