pub struct EcdsaSigningKey {
key: Arc<EcdsaKeyPair>,
scheme: SignatureScheme,
}
Expand description
A SigningKey that uses exactly one TLS-level SignatureScheme and one ring-level signature::SigningAlgorithm.
Compare this to RsaSigningKey, which for a particular key is willing to sign with several algorithms. This is quite poor cryptography practice, but is necessary because a given RSA key is expected to work in TLS1.2 (PKCS#1 signatures) and TLS1.3 (PSS signatures) – nobody is willing to obtain certificates for different protocol versions.
Currently this is only implemented for ECDSA keys.
Fields§
§key: Arc<EcdsaKeyPair>
§scheme: SignatureScheme
Implementations§
source§impl EcdsaSigningKey
impl EcdsaSigningKey
sourcepub fn new(
der: &PrivateKey,
scheme: SignatureScheme,
sigalg: &'static EcdsaSigningAlgorithm
) -> Result<Self, ()>
pub fn new(
der: &PrivateKey,
scheme: SignatureScheme,
sigalg: &'static EcdsaSigningAlgorithm
) -> Result<Self, ()>
Make a new ECDSASigningKey
from a DER encoding in PKCS#8 or SEC1
format, expecting a key usable with precisely the given signature
scheme.
sourcefn convert_sec1_to_pkcs8(
scheme: SignatureScheme,
sigalg: &'static EcdsaSigningAlgorithm,
maybe_sec1_der: &[u8]
) -> Result<EcdsaKeyPair, ()>
fn convert_sec1_to_pkcs8(
scheme: SignatureScheme,
sigalg: &'static EcdsaSigningAlgorithm,
maybe_sec1_der: &[u8]
) -> Result<EcdsaKeyPair, ()>
Convert a SEC1 encoding to PKCS8, and ask ring to parse it. This can be removed once https://github.com/briansmith/ring/pull/1456 (or equivalent) is landed.
Trait Implementations§
source§impl SigningKey for EcdsaSigningKey
impl SigningKey for EcdsaSigningKey
source§fn choose_scheme(
&self,
offered: &[SignatureScheme],
rng: Box<dyn SecureRandom + Send + Sync>
) -> Option<Box<dyn Signer>>
fn choose_scheme(
&self,
offered: &[SignatureScheme],
rng: Box<dyn SecureRandom + Send + Sync>
) -> Option<Box<dyn Signer>>
SignatureScheme
from those offered. Read moresource§fn algorithm(&self) -> SignatureAlgorithm
fn algorithm(&self) -> SignatureAlgorithm
Auto Trait Implementations§
impl RefUnwindSafe for EcdsaSigningKey
impl Send for EcdsaSigningKey
impl Sync for EcdsaSigningKey
impl Unpin for EcdsaSigningKey
impl UnwindSafe for EcdsaSigningKey
Blanket Implementations§
§impl<Tail, T> Prepend<T> for Tail
impl<Tail, T> Prepend<T> for Tail
§type PreprendResult = Tail
type PreprendResult = Tail
TupleList
], of an [Prepend::prepend()
] call,
including the prepended entry.