aws_lc_rs::rsa

Struct KeyPair

Source 
pub struct KeyPair { /* private fields */ }
Expand description

An RSA key pair, used for signing.

Implementations§

Source§

impl KeyPair

Source

pub fn generate(size: KeySize) -> Result<Self, Unspecified>

Generate a RSA KeyPair of the specified key-strength.

§Errors
  • Unspecified: Any key generation failure.
Source

pub fn from_pkcs8(pkcs8: &[u8]) -> Result<Self, KeyRejected>

Parses an unencrypted PKCS#8 DER encoded RSA private key.

Keys can be generated using KeyPair::generate.

§ring-compatibility

aws-lc-rs does not impose the same limitations that ring does for RSA keys. Thus signatures may be generated by keys that are not accepted by ring. In particular:

  • RSA private keys ranging between 2048-bit keys and 8192-bit keys are supported.
  • The public exponent does not have a required minimum size.
§Errors

error::KeyRejected if bytes do not encode an RSA private key or if the key is otherwise not acceptable.

Source

pub fn from_der(input: &[u8]) -> Result<Self, KeyRejected>

Parses a DER-encoded RSAPrivateKey structure (RFC 8017).

§Errors

error:KeyRejected on error.

Source

pub fn sign( &self, padding_alg: &'static dyn RsaEncoding, _rng: &dyn SecureRandom, msg: &[u8], signature: &mut [u8], ) -> Result<(), Unspecified>

Sign msg. msg is digested using the digest algorithm from padding_alg and the digest is then padded using the padding algorithm from padding_alg. The signature it written into signature; signature’s length must be exactly the length returned by public_modulus_len().

Many other crypto libraries have signing functions that takes a precomputed digest as input, instead of the message to digest. This function does not take a precomputed digest; instead, sign calculates the digest itself.

§ring Compatibility

Our implementation ignores the SecureRandom parameter.

§Errors

error::Unspecified on error. With “fips” feature enabled, errors if digest length is greater than u32::MAX.

Source

pub fn public_modulus_len(&self) -> usize

Returns the length in bytes of the key pair’s public modulus.

A signature has the same length as the public modulus.

Trait Implementations§

Source§

impl AsDer<Pkcs8V1Der<'static>> for KeyPair

Source§

fn as_der(&self) -> Result<Pkcs8V1Der<'static>, Unspecified>

Serializes into a DER format. Read more
Source§

impl Debug for KeyPair

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl KeyPair for KeyPair

Source§

type PublicKey = PublicKey

The type of the public key.
Source§

fn public_key(&self) -> &Self::PublicKey

The public key for the key pair.
Source§

impl Send for KeyPair

Source§

impl Sync for KeyPair

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.