# Struct ring::signature::Ed25519KeyPair

source · `pub struct Ed25519KeyPair { /* private fields */ }`

## Expand description

An Ed25519 key pair, for signing.

## Implementations§

source§### impl Ed25519KeyPair

### impl Ed25519KeyPair

source#### pub fn generate_pkcs8(rng: &dyn SecureRandom) -> Result<Document, Unspecified>

#### pub fn generate_pkcs8(rng: &dyn SecureRandom) -> Result<Document, Unspecified>

Generates a new key pair and returns the key pair serialized as a PKCS#8 document.

The PKCS#8 document will be a v2 `OneAsymmetricKey`

with the public key,
as described in RFC 5958 Section 2; see RFC 8410 Section 10.3 for an
example.

source#### pub fn from_pkcs8(pkcs8: &[u8]) -> Result<Self, KeyRejected>

#### pub fn from_pkcs8(pkcs8: &[u8]) -> Result<Self, KeyRejected>

Constructs an Ed25519 key pair by parsing an unencrypted PKCS#8 v2 Ed25519 private key.

`openssl genpkey -algorithm ED25519`

generates PKCS# v1 keys, which
require the use of `Ed25519KeyPair::from_pkcs8_maybe_unchecked()`

instead of `Ed25519KeyPair::from_pkcs8()`

.

The input must be in PKCS#8 v2 format, and in particular it must contain
the public key in addition to the private key. `from_pkcs8()`

will
verify that the public key and the private key are consistent with each
other.

Some early implementations of PKCS#8 v2, including earlier versions of
*ring* and other implementations, wrapped the public key in the wrong
ASN.1 tags. Both that incorrect form and the standardized form are
accepted.

If you need to parse PKCS#8 v1 files (without the public key) then use
`Ed25519KeyPair::from_pkcs8_maybe_unchecked()`

instead.

source#### pub fn from_pkcs8_maybe_unchecked(pkcs8: &[u8]) -> Result<Self, KeyRejected>

#### pub fn from_pkcs8_maybe_unchecked(pkcs8: &[u8]) -> Result<Self, KeyRejected>

Constructs an Ed25519 key pair by parsing an unencrypted PKCS#8 v1 or v2 Ed25519 private key.

`openssl genpkey -algorithm ED25519`

generates PKCS# v1 keys.

It is recommended to use `Ed25519KeyPair::from_pkcs8()`

, which accepts
only PKCS#8 v2 files that contain the public key.
`from_pkcs8_maybe_unchecked()`

parses PKCS#2 files exactly like
`from_pkcs8()`

. It also accepts v1 files. PKCS#8 v1 files do not contain
the public key, so when a v1 file is parsed the public key will be
computed from the private key, and there will be no consistency check
between the public key and the private key.

Some early implementations of PKCS#8 v2, including earlier versions of
*ring* and other implementations, wrapped the public key in the wrong
ASN.1 tags. Both that incorrect form and the standardized form are
accepted.

PKCS#8 v2 files are parsed exactly like `Ed25519KeyPair::from_pkcs8()`

.

source#### pub fn from_seed_and_public_key(
seed: &[u8],
public_key: &[u8],
) -> Result<Self, KeyRejected>

#### pub fn from_seed_and_public_key( seed: &[u8], public_key: &[u8], ) -> Result<Self, KeyRejected>

Constructs an Ed25519 key pair from the private key seed `seed`

and its
public key `public_key`

.

It is recommended to use `Ed25519KeyPair::from_pkcs8()`

instead.

The private and public keys will be verified to be consistent with each other. This helps avoid misuse of the key (e.g. accidentally swapping the private key and public key, or using the wrong private key for the public key). This also detects any corruption of the public or private key.

source#### pub fn from_seed_unchecked(seed: &[u8]) -> Result<Self, KeyRejected>

#### pub fn from_seed_unchecked(seed: &[u8]) -> Result<Self, KeyRejected>

Constructs a Ed25519 key pair from the private key seed `seed`

.

It is recommended to use `Ed25519KeyPair::from_pkcs8()`

instead. When
that is not practical, it is recommended to use
`Ed25519KeyPair::from_seed_and_public_key()`

instead.

Since the public key is not given, the public key will be computed from the private key. It is not possible to detect misuse or corruption of the private key since the public key isn’t given as input.