Trait rustls::sign::SigningKey
source · pub trait SigningKey: Debug + Send + Sync {
// Required methods
fn choose_scheme(
&self,
offered: &[SignatureScheme],
) -> Option<Box<dyn Signer>>;
fn algorithm(&self) -> SignatureAlgorithm;
// Provided method
fn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>> { ... }
}
Expand description
An abstract signing key.
This interface is used by rustls to use a private signing key for authentication. This includes server and client authentication.
Objects of this type are always used within Rustls as
Arc<dyn SigningKey>
. There are no concrete public structs in Rustls
that implement this trait.
There are two main ways to get a signing key:
KeyProvider::load_private_key()
, or- some other method outside of the
KeyProvider
extension trait, for instance:
The KeyProvider
method load_private_key()
is called under the hood by
ConfigBuilder::with_single_cert()
,
ConfigBuilder::with_client_auth_cert()
, and
ConfigBuilder::with_single_cert_with_ocsp()
.
A signing key created outside of the KeyProvider
extension trait can be used
to create a CertifiedKey
, which in turn can be used to create a
ResolvesServerCertUsingSni
. Alternately, a CertifiedKey
can be returned from a
custom implementation of the ResolvesServerCert
or ResolvesClientCert
traits.
Required Methods§
sourcefn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>
Choose a SignatureScheme
from those offered.
Expresses the choice by returning something that implements Signer
,
using the chosen scheme.
sourcefn algorithm(&self) -> SignatureAlgorithm
fn algorithm(&self) -> SignatureAlgorithm
What kind of key we have.
Provided Methods§
sourcefn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>>
fn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>>
Get the RFC 5280-compliant SubjectPublicKeyInfo (SPKI) of this SigningKey
if available.