pub trait SigningKey:
Debug
+ Send
+ Sync {
// Required methods
fn choose_scheme(
&self,
offered: &[SignatureScheme],
) -> Option<Box<dyn Signer>>;
fn algorithm(&self) -> SignatureAlgorithm;
}
Expand description
An abstract signing key.
This interface is used by rustls to use a private signing key for authentication. This includes server and client authentication.
Objects of this type are always used within Rustls as
Arc<dyn SigningKey>
. There are no concrete public structs in Rustls
that implement this trait.
There are two main ways to get a signing key:
KeyProvider::load_private_key()
, or- some other method outside of the
KeyProvider
extension trait, for instance:
The KeyProvider
method load_private_key()
is called under the hood by
ConfigBuilder::with_single_cert()
,
ConfigBuilder::with_client_auth_cert()
, and
ConfigBuilder::with_single_cert_with_ocsp()
.
A signing key created outside of the KeyProvider
extension trait can be used
to create a CertifiedKey
, which in turn can be used to create a
ResolvesServerCertUsingSni
. Alternately, a CertifiedKey
can be returned from a
custom implementation of the ResolvesServerCert
or ResolvesClientCert
traits.
Required Methods§
sourcefn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>
Choose a SignatureScheme
from those offered.
Expresses the choice by returning something that implements Signer
,
using the chosen scheme.
sourcefn algorithm(&self) -> SignatureAlgorithm
fn algorithm(&self) -> SignatureAlgorithm
What kind of key we have.