pub struct EcdsaKeyPair { /* private fields */ }
Expand description
An ECDSA key pair, used for signing.
Implementations§
source§impl EcdsaKeyPair
impl EcdsaKeyPair
sourcepub fn generate_pkcs8(
alg: &'static EcdsaSigningAlgorithm,
rng: &dyn SecureRandom,
) -> Result<Document, Unspecified>
pub fn generate_pkcs8( alg: &'static EcdsaSigningAlgorithm, rng: &dyn SecureRandom, ) -> Result<Document, Unspecified>
Generates a new key pair and returns the key pair serialized as a PKCS#8 document.
The PKCS#8 document will be a v1 OneAsymmetricKey
with the public key
included in the ECPrivateKey
structure, as described in
RFC 5958 Section 2 and RFC 5915. The ECPrivateKey
structure will
not have a parameters
field so the generated key is compatible with
PKCS#11.
sourcepub fn from_pkcs8(
alg: &'static EcdsaSigningAlgorithm,
pkcs8: &[u8],
rng: &dyn SecureRandom,
) -> Result<Self, KeyRejected>
pub fn from_pkcs8( alg: &'static EcdsaSigningAlgorithm, pkcs8: &[u8], rng: &dyn SecureRandom, ) -> Result<Self, KeyRejected>
Constructs an ECDSA key pair by parsing an unencrypted PKCS#8 v1
id-ecPublicKey ECPrivateKey
key.
The input must be in PKCS#8 v1 format. It must contain the public key in
the ECPrivateKey
structure; from_pkcs8()
will verify that the public
key and the private key are consistent with each other. The algorithm
identifier must identify the curve by name; it must not use an
“explicit” encoding of the curve. The parameters
field of the
ECPrivateKey
, if present, must be the same named curve that is in the
algorithm identifier in the PKCS#8 header.
sourcepub fn from_private_key_and_public_key(
alg: &'static EcdsaSigningAlgorithm,
private_key: &[u8],
public_key: &[u8],
rng: &dyn SecureRandom,
) -> Result<Self, KeyRejected>
pub fn from_private_key_and_public_key( alg: &'static EcdsaSigningAlgorithm, private_key: &[u8], public_key: &[u8], rng: &dyn SecureRandom, ) -> Result<Self, KeyRejected>
Constructs an ECDSA key pair from the private key and public key bytes
The private key must encoded as a big-endian fixed-length integer. For example, a P-256 private key must be 32 bytes prefixed with leading zeros as needed.
The public key is encoding in uncompressed form using the Octet-String-to-Elliptic-Curve-Point algorithm in SEC 1: Elliptic Curve Cryptography, Version 2.0.
This is intended for use by code that deserializes key pairs. It is
recommended to use EcdsaKeyPair::from_pkcs8()
(with a PKCS#8-encoded
key) instead.
sourcepub fn sign(
&self,
rng: &dyn SecureRandom,
message: &[u8],
) -> Result<Signature, Unspecified>
pub fn sign( &self, rng: &dyn SecureRandom, message: &[u8], ) -> Result<Signature, Unspecified>
Returns the signature of the message
using a random nonce generated by rng
.