Struct openssl::pkey::PKey

pub struct PKey<T>(_, _);

A public or private key.

Implementations

impl<T> PKey<T>

pub fn from_rsa(rsa: Rsa<T>) -> Result<PKey<T>, ErrorStack>

Creates a new PKey containing an RSA key.

This corresponds to EVP_PKEY_assign_RSA.

pub fn from_dsa(dsa: Dsa<T>) -> Result<PKey<T>, ErrorStack>

Creates a new PKey containing a DSA key.

This corresponds to EVP_PKEY_assign_DSA.

pub fn from_dh(dh: Dh<T>) -> Result<PKey<T>, ErrorStack>

Creates a new PKey containing a Diffie-Hellman key.

This corresponds to EVP_PKEY_assign_DH.

pub fn from_ec_key(ec_key: EcKey<T>) -> Result<PKey<T>, ErrorStack>

Creates a new PKey containing an elliptic curve key.

This corresponds to EVP_PKEY_assign_EC_KEY.

impl PKey<Private>

pub fn hmac(key: &[u8]) -> Result<PKey<Private>, ErrorStack>

Creates a new PKey containing an HMAC key.

Note

To compute HMAC values, use the sign module.

pub fn cmac(cipher: &Cipher, key: &[u8]) -> Result<PKey<Private>, ErrorStack>

Creates a new PKey containing a CMAC key.

Requires OpenSSL 1.1.0 or newer.

Note

To compute CMAC values, use the sign module.

pub fn generate_x25519() -> Result<PKey<Private>, ErrorStack>

Generates a new private Ed25519 key

pub fn generate_x448() -> Result<PKey<Private>, ErrorStack>

Generates a new private Ed448 key

pub fn generate_ed25519() -> Result<PKey<Private>, ErrorStack>

Generates a new private Ed25519 key

pub fn generate_ed448() -> Result<PKey<Private>, ErrorStack>

Generates a new private Ed448 key

pub fn private_key_from_pem(pem: &[u8]) -> Result<PKey<Private>, ErrorStack>

Deserializes a private key from a PEM-encoded key type specific format.

This corresponds to PEM_read_bio_PrivateKey.

pub fn private_key_from_pem_passphrase(
    pem: &[u8],
    passphrase: &[u8]
) -> Result<PKey<Private>, ErrorStack>

Deserializes a private key from a PEM-encoded encrypted key type specific format.

This corresponds to PEM_read_bio_PrivateKey.

pub fn private_key_from_pem_callback<F>(
    pem: &[u8],
    callback: F
) -> Result<PKey<Private>, ErrorStack> where
    F: FnOnce(&mut [u8]) -> Result<usize, ErrorStack>, 

Deserializes a private key from a PEM-encoded encrypted key type specific format.

The callback should fill the password into the provided buffer and return its length.

This corresponds to PEM_read_bio_PrivateKey.

pub fn private_key_from_der(der: &[u8]) -> Result<PKey<Private>, ErrorStack>

Decodes a DER-encoded private key.

This function will automatically attempt to detect the underlying key format, and supports the unencrypted PKCS#8 PrivateKeyInfo structures as well as key type specific formats.

This corresponds to d2i_AutoPrivateKey.

pub fn private_key_from_pkcs8(der: &[u8]) -> Result<PKey<Private>, ErrorStack>

Deserializes a DER-formatted PKCS#8 unencrypted private key.

This method is mainly for interoperability reasons. Encrypted keyfiles should be preferred.

pub fn private_key_from_pkcs8_callback<F>(
    der: &[u8],
    callback: F
) -> Result<PKey<Private>, ErrorStack> where
    F: FnOnce(&mut [u8]) -> Result<usize, ErrorStack>, 

Deserializes a DER-formatted PKCS#8 private key, using a callback to retrieve the password if the key is encrpyted.

The callback should copy the password into the provided buffer and return the number of bytes written.

pub fn private_key_from_pkcs8_passphrase(
    der: &[u8],
    passphrase: &[u8]
) -> Result<PKey<Private>, ErrorStack>

Deserializes a DER-formatted PKCS#8 private key, using the supplied password if the key is encrypted.

Panics

Panics if passphrase contains an embedded null.

pub fn private_key_from_raw_bytes(
    bytes: &[u8],
    key_type: Id
) -> Result<PKey<Private>, ErrorStack>

Creates a private key from its raw byte representation

Algorithm types that support raw private keys are HMAC, X25519, ED25519, X448 or ED448

This corresponds to EVP_PKEY_new_raw_private_key.

impl PKey<Public>

pub fn public_key_from_pem(pem: &[u8]) -> Result<PKey<Public>, ErrorStack>

Decodes a PEM-encoded SubjectPublicKeyInfo structure.

The input should have a header of -----BEGIN PUBLIC KEY-----.

This corresponds to PEM_read_bio_PUBKEY.

pub fn public_key_from_der(der: &[u8]) -> Result<PKey<Public>, ErrorStack>

Decodes a DER-encoded SubjectPublicKeyInfo structure.

This corresponds to d2i_PUBKEY.

pub fn public_key_from_raw_bytes(
    bytes: &[u8],
    key_type: Id
) -> Result<PKey<Public>, ErrorStack>

Creates a public key from its raw byte representation

Algorithm types that support raw public keys are X25519, ED25519, X448 or ED448

This corresponds to EVP_PKEY_new_raw_public_key.

Methods from Deref<Target = PKeyRef<T>>

pub fn rsa(&self) -> Result<Rsa<T>, ErrorStack>

Returns a copy of the internal RSA key.

This corresponds to EVP_PKEY_get1_RSA.

pub fn dsa(&self) -> Result<Dsa<T>, ErrorStack>

Returns a copy of the internal DSA key.

This corresponds to EVP_PKEY_get1_DSA.

pub fn dh(&self) -> Result<Dh<T>, ErrorStack>

Returns a copy of the internal DH key.

This corresponds to EVP_PKEY_get1_DH.

pub fn ec_key(&self) -> Result<EcKey<T>, ErrorStack>

Returns a copy of the internal elliptic curve key.

This corresponds to EVP_PKEY_get1_EC_KEY.

pub fn id(&self) -> Id

Returns the Id that represents the type of this key.

This corresponds to EVP_PKEY_id.

pub fn size(&self) -> usize

Returns the maximum size of a signature in bytes.

This corresponds to EVP_PKEY_size.

pub fn public_key_to_pem(&self) -> Result<Vec<u8>, ErrorStack>

Serializes the public key into a PEM-encoded SubjectPublicKeyInfo structure.

The output will have a header of -----BEGIN PUBLIC KEY-----.

This corresponds to PEM_write_bio_PUBKEY.

pub fn public_key_to_der(&self) -> Result<Vec<u8>, ErrorStack>

Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure.

This corresponds to i2d_PUBKEY.

pub fn bits(&self) -> u32

Returns the size of the key.

This corresponds to the bit length of the modulus of an RSA key, and the bit length of the group order for an elliptic curve key, for example.

pub fn public_eq<U>(&self, other: &PKeyRef<U>) -> bool where
    U: HasPublic, 

Compares the public component of this key with another.

pub fn raw_public_key(&self) -> Result<Vec<u8>, ErrorStack>

Raw byte representation of a public key

This function only works for algorithms that support raw public keys. Currently this is: X25519, ED25519, X448 or ED448

This corresponds to EVP_PKEY_get_raw_public_key.

pub fn private_key_to_pem_pkcs8(&self) -> Result<Vec<u8>, ErrorStack>

Serializes the private key to a PEM-encoded PKCS#8 PrivateKeyInfo structure.

The output will have a header of -----BEGIN PRIVATE KEY-----.

This corresponds to PEM_write_bio_PKCS8PrivateKey.

pub fn private_key_to_pem_pkcs8_passphrase(
    &self,
    cipher: Cipher,
    passphrase: &[u8]
) -> Result<Vec<u8>, ErrorStack>

Serializes the private key to a PEM-encoded PKCS#8 EncryptedPrivateKeyInfo structure.

The output will have a header of -----BEGIN ENCRYPTED PRIVATE KEY-----.

This corresponds to PEM_write_bio_PKCS8PrivateKey.

pub fn private_key_to_der(&self) -> Result<Vec<u8>, ErrorStack>

Serializes the private key to a DER-encoded key type specific format.

This corresponds to i2d_PrivateKey.

pub fn raw_private_key(&self) -> Result<Vec<u8>, ErrorStack>

Raw byte representation of a private key

This function only works for algorithms that support raw private keys. Currently this is: HMAC, X25519, ED25519, X448 or ED448

This corresponds to EVP_PKEY_get_raw_private_key.

pub fn private_key_to_pkcs8_passphrase(
    &self,
    cipher: Cipher,
    passphrase: &[u8]
) -> Result<Vec<u8>, ErrorStack>

Serializes a private key into a DER-formatted PKCS#8, using the supplied password to encrypt the key.

Panics

Panics if passphrase contains an embedded null.

Trait Implementations

impl<T> AsRef<PKeyRef<T>> for PKey<T>

fn as_ref(&self) -> &PKeyRef<T>

Performs the conversion.

impl<T> Borrow<PKeyRef<T>> for PKey<T>

fn borrow(&self) -> &PKeyRef<T>

Immutably borrows from an owned value.

impl<T> Clone for PKey<T>

fn clone(&self) -> PKey<T>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<T> Debug for PKey<T>

fn fmt(&self, fmt: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<T> Deref for PKey<T>

type Target = PKeyRef<T>

The resulting type after dereferencing.

fn deref(&self) -> &PKeyRef<T>

Dereferences the value.

impl<T> DerefMut for PKey<T>

fn deref_mut(&mut self) -> &mut PKeyRef<T>

Mutably dereferences the value.

impl<T> Drop for PKey<T>

fn drop(&mut self)

Executes the destructor for this type.

impl<T> ForeignType for PKey<T>

type CType = EVP_PKEY

The raw C type.

type Ref = PKeyRef<T>

The type representing a reference to this type.

unsafe fn from_ptr(ptr: *mut EVP_PKEY) -> PKey<T>

Constructs an instance of this type from its raw type.

fn as_ptr(&self) -> *mut EVP_PKEY

Returns a raw pointer to the wrapped value.

impl<T> TryFrom<Dh<T>> for PKey<T>

type Error = ErrorStack

The type returned in the event of a conversion error.

fn try_from(dh: Dh<T>) -> Result<PKey<T>, ErrorStack>

Performs the conversion.

impl<T> TryFrom<Dsa<T>> for PKey<T>

type Error = ErrorStack

The type returned in the event of a conversion error.

fn try_from(dsa: Dsa<T>) -> Result<PKey<T>, ErrorStack>

Performs the conversion.

impl<T> TryFrom<EcKey<T>> for PKey<T>

type Error = ErrorStack

The type returned in the event of a conversion error.

fn try_from(ec_key: EcKey<T>) -> Result<PKey<T>, ErrorStack>

Performs the conversion.

impl<T> TryFrom<PKey<T>> for EcKey<T>

type Error = ErrorStack

The type returned in the event of a conversion error.

fn try_from(pkey: PKey<T>) -> Result<EcKey<T>, ErrorStack>

Performs the conversion.

impl<T> TryFrom<PKey<T>> for Rsa<T>

type Error = ErrorStack

The type returned in the event of a conversion error.

fn try_from(pkey: PKey<T>) -> Result<Rsa<T>, ErrorStack>

Performs the conversion.

impl<T> TryFrom<PKey<T>> for Dsa<T>

type Error = ErrorStack

The type returned in the event of a conversion error.

fn try_from(pkey: PKey<T>) -> Result<Dsa<T>, ErrorStack>

Performs the conversion.

impl<T> TryFrom<PKey<T>> for Dh<T>

type Error = ErrorStack

The type returned in the event of a conversion error.

fn try_from(pkey: PKey<T>) -> Result<Dh<T>, ErrorStack>

Performs the conversion.

impl<T> TryFrom<Rsa<T>> for PKey<T>

type Error = ErrorStack

The type returned in the event of a conversion error.

fn try_from(rsa: Rsa<T>) -> Result<PKey<T>, ErrorStack>

Performs the conversion.

impl<T> Send for PKey<T>

impl<T> Sync for PKey<T>