pub struct PKey<T>(_, _);

A public or private key.

Implementations

Creates a new PKey containing an RSA key.

This corresponds to EVP_PKEY_assign_RSA.

Creates a new PKey containing a DSA key.

This corresponds to EVP_PKEY_assign_DSA.

Creates a new PKey containing a Diffie-Hellman key.

This corresponds to EVP_PKEY_assign_DH.

Creates a new PKey containing an elliptic curve key.

This corresponds to EVP_PKEY_assign_EC_KEY.

Creates a new PKey containing an HMAC key.

Note

To compute HMAC values, use the sign module.

This corresponds to EVP_PKEY_new_mac_key.

Creates a new PKey containing a CMAC key.

Requires OpenSSL 1.1.0 or newer.

Note

To compute CMAC values, use the sign module.

Generates a new private X25519 key.

To import a private key from raw bytes see PKey::private_key_from_raw_bytes.

Examples
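use openssl::derive::Deriver;
use openssl::error::ErrorStack;
use openssl::pkey::{Id, PKey};

fn main() -> Result<(), ErrorStack> {
    // Stand-in for the peer's raw 32-byte public key, which would normally arrive over the wire.
    let public = PKey::generate_x25519()?.raw_public_key()?;
    let public_key = PKey::public_key_from_raw_bytes(&public, Id::X25519)?;

    // Our own private key.
    let key = PKey::generate_x25519()?;
    let mut deriver = Deriver::new(&key)?;
    deriver.set_peer(&public_key)?;

    // An X25519 shared secret is 32 bytes long.
    let secret = deriver.derive_to_vec()?;
    assert_eq!(secret.len(), 32);
    Ok(())
}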

Generates a new private X448 key.

To import a private key from raw bytes see PKey::private_key_from_raw_bytes.

Examples
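use openssl::derive::Deriver;
use openssl::error::ErrorStack;
use openssl::pkey::{Id, PKey};

fn main() -> Result<(), ErrorStack> {
    // Stand-in for the peer's raw 56-byte public key, which would normally arrive over the wire.
    let public = PKey::generate_x448()?.raw_public_key()?;
    let public_key = PKey::public_key_from_raw_bytes(&public, Id::X448)?;

    // Our own private key.
    let key = PKey::generate_x448()?;
    let mut deriver = Deriver::new(&key)?;
    deriver.set_peer(&public_key)?;

    // An X448 shared secret is 56 bytes long.
    let secret = deriver.derive_to_vec()?;
    assert_eq!(secret.len(), 56);
    Ok(())
}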

Generates a new private Ed25519 key.

To import a private key from raw bytes see PKey::private_key_from_raw_bytes.

Examples
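use openssl::error::ErrorStack;
use openssl::pkey::PKey;
use openssl::sign::Signer;

fn main() -> Result<(), ErrorStack> {
    let key = PKey::generate_ed25519()?;
    // Raw 32-byte public key to hand to verifiers.
    let public_key = key.raw_public_key()?;
    assert_eq!(public_key.len(), 32);

    // Ed25519 hashes internally, so the signer is created without a digest.
    let mut signer = Signer::new_without_digest(&key)?;
    let message = b"sample message"; // constructed sample input
    let signature = signer.sign_oneshot_to_vec(message)?;
    assert_eq!(signature.len(), 64);
    Ok(())
}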

Generates a new private Ed448 key.

To import a private key from raw bytes see PKey::private_key_from_raw_bytes.

Examples
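use openssl::error::ErrorStack;
use openssl::pkey::PKey;
use openssl::sign::Signer;

fn main() -> Result<(), ErrorStack> {
    let key = PKey::generate_ed448()?;
    // Raw 57-byte public key to hand to verifiers.
    let public_key = key.raw_public_key()?;
    assert_eq!(public_key.len(), 57);

    // Ed448 hashes internally, so the signer is created without a digest.
    let mut signer = Signer::new_without_digest(&key)?;
    let message = b"sample message"; // constructed sample input
    let signature = signer.sign_oneshot_to_vec(message)?;
    assert_eq!(signature.len(), 114);
    Ok(())
}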

Deserializes a private key from a PEM-encoded key type specific format.

This corresponds to PEM_read_bio_PrivateKey.

Deserializes a private key from a PEM-encoded encrypted key type specific format.

This corresponds to PEM_read_bio_PrivateKey.

Deserializes a private key from a PEM-encoded encrypted key type specific format.

The callback should fill the password into the provided buffer and return its length.

This corresponds to PEM_read_bio_PrivateKey.

Decodes a DER-encoded private key.

This function will attempt to automatically detect the underlying key format, and supports the unencrypted PKCS#8 PrivateKeyInfo structures as well as key type specific formats.

This corresponds to d2i_AutoPrivateKey.

Deserializes a DER-formatted PKCS#8 unencrypted private key.

This method is mainly for interoperability reasons. Encrypted keyfiles should be preferred.

Deserializes a DER-formatted PKCS#8 private key, using a callback to retrieve the password if the key is encrypted.

The callback should copy the password into the provided buffer and return the number of bytes written.

This corresponds to d2i_PKCS8PrivateKey_bio.

Deserializes a DER-formatted PKCS#8 private key, using the supplied password if the key is encrypted.

Panics

Panics if passphrase contains an embedded null.

This corresponds to d2i_PKCS8PrivateKey_bio.

Creates a private key from its raw byte representation.

Algorithm types that support raw private keys are HMAC, X25519, ED25519, X448 and ED448.

This corresponds to EVP_PKEY_new_raw_private_key.

Decodes a PEM-encoded SubjectPublicKeyInfo structure.

The input should have a header of -----BEGIN PUBLIC KEY-----.

This corresponds to PEM_read_bio_PUBKEY.

Decodes a DER-encoded SubjectPublicKeyInfo structure.

This corresponds to d2i_PUBKEY.

Creates a public key from its raw byte representation.

Algorithm types that support raw public keys are X25519, ED25519, X448 and ED448.

This corresponds to EVP_PKEY_new_raw_public_key.

Methods from Deref<Target = PKeyRef<T>>

Returns a copy of the internal RSA key.

This corresponds to EVP_PKEY_get1_RSA.

Returns a copy of the internal DSA key.

This corresponds to EVP_PKEY_get1_DSA.

Returns a copy of the internal DH key.

This corresponds to EVP_PKEY_get1_DH.

Returns a copy of the internal elliptic curve key.

This corresponds to EVP_PKEY_get1_EC_KEY.

Returns the Id that represents the type of this key.

This corresponds to EVP_PKEY_id.

Returns the maximum size of a signature in bytes.

This corresponds to EVP_PKEY_size.

Serializes the public key into a PEM-encoded SubjectPublicKeyInfo structure.

The output will have a header of -----BEGIN PUBLIC KEY-----.

This corresponds to PEM_write_bio_PUBKEY.

Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure.

This corresponds to i2d_PUBKEY.

Returns the size of the key.

This corresponds to the bit length of the modulus of an RSA key, and the bit length of the group order for an elliptic curve key, for example.

This corresponds to EVP_PKEY_bits.

Returns the number of security bits.

Bits of security are defined in NIST SP 800-57.

This corresponds to EVP_PKEY_security_bits.

Compares the public component of this key with another.

This corresponds to EVP_PKEY_cmp.

Raw byte representation of a public key.

This function only works for algorithms that support raw public keys. Currently this is: Id::X25519, Id::ED25519, Id::X448 or Id::ED448.

This corresponds to EVP_PKEY_get_raw_public_key.

Serializes the private key to a PEM-encoded PKCS#8 PrivateKeyInfo structure.

The output will have a header of -----BEGIN PRIVATE KEY-----.

This corresponds to PEM_write_bio_PKCS8PrivateKey.

Serializes the private key to a PEM-encoded PKCS#8 EncryptedPrivateKeyInfo structure.

The output will have a header of -----BEGIN ENCRYPTED PRIVATE KEY-----.

This corresponds to PEM_write_bio_PKCS8PrivateKey.

Serializes the private key to a DER-encoded key type specific format.

This corresponds to i2d_PrivateKey.

Raw byte representation of a private key.

This function only works for algorithms that support raw private keys. Currently this is: Id::HMAC, Id::X25519, Id::ED25519, Id::X448 or Id::ED448.

This corresponds to EVP_PKEY_get_raw_private_key.

Serializes a private key into an unencrypted DER-formatted PKCS#8.

This corresponds to i2d_PKCS8PrivateKey_bio.

Serializes a private key into a DER-formatted PKCS#8, using the supplied password to encrypt the key.

This corresponds to i2d_PKCS8PrivateKey_bio.

Trait Implementations

Converts this type into a shared reference of the (usually inferred) input type.
Immutably borrows from an owned value.
Returns a copy of the value.
Performs copy-assignment from source.
Formats the value using the given formatter.
The resulting type after dereferencing.
Dereferences the value.
Mutably dereferences the value.
Executes the destructor for this type.
The raw C type.
The type representing a reference to this type.
Constructs an instance of this type from its raw type.
Returns a raw pointer to the wrapped value.
The type returned in the event of a conversion error.
Performs the conversion.
