Struct yubirs::piv::pkey::PublicKey

pub struct PublicKey { /* fields omitted */ }

A public key. Note that this structure denotes just the key, not the other metadata which would be included in a full X.509 certificate.

Methods

impl PublicKey

pub fn from_pem<P: AsRef<Path>>(path: P) -> Result<Self>

pub fn from_rsa_structure(data: &[u8]) -> Result<Self>

Construct a PublicKey from the raw RSA structure returned from the underlying hardware. The provided data should be the entire response from the device to a generate command.

pub fn from_ec_structure(algorithm: Algorithm, data: &[u8]) -> Result<Self>

Construct a PublicKey from the raw EC structure returned from the underlying hardware. The provided data should be the entire response from the device to a generate command.

pub fn get_algorithm(&self) -> Result<Algorithm>

pub fn max_encrypt_len(&self) -> Result<usize>

This function returns the maximum number of bytes encrypt can encrypt using the given algorithm.

pub fn encrypt(&self, plaintext: &[u8]) -> Result<Vec<u8>>

Encrypt the given data using this RSA public key. In order to decipher the returned ciphertext, the caller must have access to the matching private key.

Note that only RSA is supported, because OpenSSL likewise only (easily) supports this kind of encryption with an RSA key.

Also note that this should not be used to encrypt large amounts of data. In fact, as per the docs (https://www.openssl.org/docs/manmaster/man3/RSA_public_encrypt.html), this function can only encrypt at most max_encrypt_len bytes of data.

In order to use this feature to encrypt larger amounts of data, this function should be used to wrap a key which is then used with a more normal cipher like AES.

pub fn format(&self, format: Format) -> Result<Vec<u8>>