Trait rustls::sign::SigningKey

source ·
pub trait SigningKey: Debug + Send + Sync {
    // Required methods
    fn choose_scheme(
        &self,
        offered: &[SignatureScheme],
    ) -> Option<Box<dyn Signer>>;
    fn algorithm(&self) -> SignatureAlgorithm;

    // Provided method
    fn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>> { ... }
}
Expand description

An abstract signing key.

This interface is used by rustls to use a private signing key for authentication. This includes server and client authentication.

Objects of this type are always used within Rustls as Arc<dyn SigningKey>. There are no concrete public structs in Rustls that implement this trait.

There are two main ways to get a signing key:

The KeyProvider method load_private_key() is called under the hood by ConfigBuilder::with_single_cert(), ConfigBuilder::with_client_auth_cert(), and ConfigBuilder::with_single_cert_with_ocsp().

A signing key created outside of the KeyProvider extension trait can be used to create a CertifiedKey, which in turn can be used to create a ResolvesServerCertUsingSni. Alternately, a CertifiedKey can be returned from a custom implementation of the ResolvesServerCert or ResolvesClientCert traits.

Required Methods§

source

fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>

Choose a SignatureScheme from those offered.

Expresses the choice by returning something that implements Signer, using the chosen scheme.

source

fn algorithm(&self) -> SignatureAlgorithm

What kind of key we have.

Provided Methods§

source

fn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>>

Get the RFC 5280-compliant SubjectPublicKeyInfo (SPKI) of this SigningKey if available.

Implementors§