Struct rcgen::KeyPair

source · 
pub struct KeyPair { /* private fields */ }
Expand description

A key pair used to sign certificates and CSRs

Note that ring, the underlying library to handle RSA keys requires them to be in a special format, meaning that openssl genrsa doesn’t work. See ring’s documentation for how to generate RSA keys in the wanted format and conversion between the formats.

Implementations§

source§

impl KeyPair

source

pub fn from_der(der: &[u8]) -> Result<Self, RcgenError>

Parses the key pair from the DER format

Equivalent to using the TryFrom implementation.

source

pub fn from_pem(pem_str: &str) -> Result<Self, RcgenError>

Parses the key pair from the ASCII PEM format

This constructor is only available if rcgen is built with the “pem” feature

source

pub fn from_remote( key_pair: Box<dyn RemoteKeyPair + Send + Sync>, ) -> Result<Self, RcgenError>

Obtains the key pair from a raw public key and a remote private key

source

pub fn from_pem_and_sign_algo( pem_str: &str, alg: &'static SignatureAlgorithm, ) -> Result<Self, RcgenError>

Obtains the key pair from a DER formatted key using the specified SignatureAlgorithm

Same as from_pem_and_sign_algo.

This constructor is only available if rcgen is built with the “pem” feature

source

pub fn from_der_and_sign_algo( pkcs8: &[u8], alg: &'static SignatureAlgorithm, ) -> Result<Self, RcgenError>

Obtains the key pair from a DER formatted key using the specified SignatureAlgorithm

Usually, calling this function is not neccessary and you can just call from_der instead. That function will try to figure out a fitting SignatureAlgorithm for the given key pair. However sometimes multiple signature algorithms fit for the same der key. In that instance, you can use this function to precisely specify the SignatureAlgorithm.

source§

impl KeyPair

source

pub fn generate(alg: &'static SignatureAlgorithm) -> Result<Self, RcgenError>

Generate a new random key pair for the specified signature algorithm

source

pub fn public_key_raw(&self) -> &[u8]

Get the raw public key of this key pair

The key is in raw format, as how ring::signature::KeyPair::public_key would output, and how ring::signature::UnparsedPublicKey::verify would accept.

source

pub fn is_compatible(&self, signature_algorithm: &SignatureAlgorithm) -> bool

Check if this key pair can be used with the given signature algorithm

source

pub fn compatible_algs( &self, ) -> impl Iterator<Item = &'static SignatureAlgorithm>

Returns (possibly multiple) compatible SignatureAlgorithm’s that the key can be used with

source

pub fn public_key_der(&self) -> Vec<u8>

Return the key pair’s public key in DER format

The key is formatted according to the SubjectPublicKeyInfo struct of X.509. See RFC 5280 section 4.1.

source

pub fn public_key_pem(&self) -> String

Return the key pair’s public key in PEM format

The returned string can be interpreted with openssl pkey --inform PEM -pubout -pubin -text

This function is only available if rcgen is built with the “pem” feature

source

pub fn serialize_der(&self) -> Vec<u8>

Serializes the key pair (including the private key) in PKCS#8 format in DER

Panics if called on a remote key pair.

source

pub fn serialized_der(&self) -> &[u8]

Returns a reference to the serialized key pair (including the private key) in PKCS#8 format in DER

Panics if called on a remote key pair.

source

pub fn serialize_pem(&self) -> String

Serializes the key pair (including the private key) in PKCS#8 format in PEM

This function is only available if rcgen is built with the “pem” feature

Trait Implementations§

source§

impl Debug for KeyPair

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl TryFrom<&[u8]> for KeyPair

§

type Error = RcgenError

The type returned in the event of a conversion error.
source§

fn try_from(pkcs8: &[u8]) -> Result<KeyPair, RcgenError>

Performs the conversion.
source§

impl TryFrom<Vec<u8>> for KeyPair

§

type Error = RcgenError

The type returned in the event of a conversion error.
source§

fn try_from(pkcs8: Vec<u8>) -> Result<KeyPair, RcgenError>

Performs the conversion.

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.