Struct jwt_compact::alg::RsaPrivateKey
source · pub struct RsaPrivateKey { /* private fields */ }
rsa
only.Expand description
Represents a whole RSA key, public and private parts.
Implementations§
source§impl RsaPrivateKey
impl RsaPrivateKey
sourcepub fn new<R>(rng: &mut R, bit_size: usize) -> Result<RsaPrivateKey, Error>where
R: CryptoRngCore + ?Sized,
pub fn new<R>(rng: &mut R, bit_size: usize) -> Result<RsaPrivateKey, Error>where
R: CryptoRngCore + ?Sized,
Generate a new Rsa key pair of the given bit size using the passed in rng
.
sourcepub fn new_with_exp<R>(
rng: &mut R,
bit_size: usize,
exp: &BigUint
) -> Result<RsaPrivateKey, Error>where
R: CryptoRngCore + ?Sized,
pub fn new_with_exp<R>(
rng: &mut R,
bit_size: usize,
exp: &BigUint
) -> Result<RsaPrivateKey, Error>where
R: CryptoRngCore + ?Sized,
Generate a new RSA key pair of the given bit size and the public exponent
using the passed in rng
.
Unless you have specific needs, you should use RsaPrivateKey::new
instead.
sourcepub fn from_components(
n: BigUint,
e: BigUint,
d: BigUint,
primes: Vec<BigUint>
) -> Result<RsaPrivateKey, Error>
pub fn from_components( n: BigUint, e: BigUint, d: BigUint, primes: Vec<BigUint> ) -> Result<RsaPrivateKey, Error>
Constructs an RSA key pair from individual components:
n
: RSA moduluse
: public exponent (i.e. encrypting exponent)d
: private exponent (i.e. decrypting exponent)primes
: prime factors ofn
: typically two primesp
andq
. More than two primes can be provided for multiprime RSA, however this is generally not recommended. If noprimes
are provided, a prime factor recovery algorithm will be employed to attempt to recover the factors (as described in NIST SP 800-56B Revision 2 Appendix C.2). This algorithm only works if there are just two prime factorsp
andq
(as opposed to multiprime), ande
is between 2^16 and 2^256.
sourcepub fn from_p_q(
p: BigUint,
q: BigUint,
public_exponent: BigUint
) -> Result<RsaPrivateKey, Error>
pub fn from_p_q( p: BigUint, q: BigUint, public_exponent: BigUint ) -> Result<RsaPrivateKey, Error>
Constructs an RSA key pair from its two primes p and q.
This will rebuild the private exponent and the modulus.
Private exponent will be rebuilt using the method defined in NIST 800-56B Section 6.2.1.
sourcepub fn from_primes(
primes: Vec<BigUint>,
public_exponent: BigUint
) -> Result<RsaPrivateKey, Error>
pub fn from_primes( primes: Vec<BigUint>, public_exponent: BigUint ) -> Result<RsaPrivateKey, Error>
Constructs an RSA key pair from its primes.
This will rebuild the private exponent and the modulus.
sourcepub fn to_public_key(&self) -> RsaPublicKey
pub fn to_public_key(&self) -> RsaPublicKey
Get the public key from the private key, cloning n
and e
.
Generally this is not needed since RsaPrivateKey
implements the PublicKey
trait,
but it can occasionally be useful to discard the private information entirely.
sourcepub fn precompute(&mut self) -> Result<(), Error>
pub fn precompute(&mut self) -> Result<(), Error>
Performs some calculations to speed up private key operations.
sourcepub fn clear_precomputed(&mut self)
pub fn clear_precomputed(&mut self)
Clears precomputed values by setting to None
sourcepub fn crt_coefficient(&self) -> Option<BigUint>
pub fn crt_coefficient(&self) -> Option<BigUint>
Compute CRT coefficient: (1/q) mod p
.
sourcepub fn validate(&self) -> Result<(), Error>
pub fn validate(&self) -> Result<(), Error>
Performs basic sanity checks on the key.
Returns Ok(())
if everything is good, otherwise an appropriate error.
sourcepub fn decrypt<P>(
&self,
padding: P,
ciphertext: &[u8]
) -> Result<Vec<u8>, Error>where
P: PaddingScheme,
pub fn decrypt<P>(
&self,
padding: P,
ciphertext: &[u8]
) -> Result<Vec<u8>, Error>where
P: PaddingScheme,
Decrypt the given message.
sourcepub fn decrypt_blinded<R, P>(
&self,
rng: &mut R,
padding: P,
ciphertext: &[u8]
) -> Result<Vec<u8>, Error>where
R: CryptoRngCore,
P: PaddingScheme,
pub fn decrypt_blinded<R, P>(
&self,
rng: &mut R,
padding: P,
ciphertext: &[u8]
) -> Result<Vec<u8>, Error>where
R: CryptoRngCore,
P: PaddingScheme,
Decrypt the given message.
Uses rng
to blind the decryption process.
sourcepub fn sign<S>(&self, padding: S, digest_in: &[u8]) -> Result<Vec<u8>, Error>where
S: SignatureScheme,
pub fn sign<S>(&self, padding: S, digest_in: &[u8]) -> Result<Vec<u8>, Error>where
S: SignatureScheme,
Sign the given digest.
sourcepub fn sign_with_rng<R, S>(
&self,
rng: &mut R,
padding: S,
digest_in: &[u8]
) -> Result<Vec<u8>, Error>where
R: CryptoRngCore,
S: SignatureScheme,
pub fn sign_with_rng<R, S>(
&self,
rng: &mut R,
padding: S,
digest_in: &[u8]
) -> Result<Vec<u8>, Error>where
R: CryptoRngCore,
S: SignatureScheme,
Sign the given digest using the provided rng
, which is used in the
following ways depending on the SignatureScheme
:
Pkcs1v15Sign
padding: uses the RNG to mask the private key operation with random blinding, which helps mitigate sidechannel attacks.Pss
always requires randomness. UsePss::new
for a standard RSASSA-PSS signature, orPss::new_blinded
for RSA-BSSA blind signatures.
Trait Implementations§
source§impl AsRef<RsaPublicKey> for RsaPrivateKey
impl AsRef<RsaPublicKey> for RsaPrivateKey
source§fn as_ref(&self) -> &RsaPublicKey
fn as_ref(&self) -> &RsaPublicKey
source§impl Clone for RsaPrivateKey
impl Clone for RsaPrivateKey
source§fn clone(&self) -> RsaPrivateKey
fn clone(&self) -> RsaPrivateKey
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Debug for RsaPrivateKey
impl Debug for RsaPrivateKey
source§impl Drop for RsaPrivateKey
impl Drop for RsaPrivateKey
source§impl EncodePrivateKey for RsaPrivateKey
impl EncodePrivateKey for RsaPrivateKey
source§fn to_pkcs8_der(&self) -> Result<SecretDocument, Error>
fn to_pkcs8_der(&self) -> Result<SecretDocument, Error>
SecretDocument
] containing a PKCS#8-encoded private key.source§impl<'a> From<&'a RsaPrivateKey> for JsonWebKey<'a>
impl<'a> From<&'a RsaPrivateKey> for JsonWebKey<'a>
⚠ Warning. Contrary to RFC 7518, this implementation does not set dp
, dq
, and qi
fields in the JWK root object, as well as d
and t
fields for additional factors
(i.e., in the oth
array).
source§fn from(key: &'a RsaPrivateKey) -> JsonWebKey<'a>
fn from(key: &'a RsaPrivateKey) -> JsonWebKey<'a>
source§impl From<&RsaPrivateKey> for RsaPublicKey
impl From<&RsaPrivateKey> for RsaPublicKey
source§fn from(private_key: &RsaPrivateKey) -> RsaPublicKey
fn from(private_key: &RsaPrivateKey) -> RsaPublicKey
source§impl<D> From<BlindedSigningKey<D>> for RsaPrivateKeywhere
D: Digest,
impl<D> From<BlindedSigningKey<D>> for RsaPrivateKeywhere
D: Digest,
source§fn from(key: BlindedSigningKey<D>) -> RsaPrivateKey
fn from(key: BlindedSigningKey<D>) -> RsaPrivateKey
source§impl From<RsaPrivateKey> for RsaPublicKey
impl From<RsaPrivateKey> for RsaPublicKey
source§fn from(private_key: RsaPrivateKey) -> RsaPublicKey
fn from(private_key: RsaPrivateKey) -> RsaPublicKey
source§impl<D> From<SigningKey<D>> for RsaPrivateKeywhere
D: Digest,
impl<D> From<SigningKey<D>> for RsaPrivateKeywhere
D: Digest,
source§fn from(key: SigningKey<D>) -> RsaPrivateKey
fn from(key: SigningKey<D>) -> RsaPrivateKey
source§impl<D> From<SigningKey<D>> for RsaPrivateKeywhere
D: Digest,
impl<D> From<SigningKey<D>> for RsaPrivateKeywhere
D: Digest,
source§fn from(key: SigningKey<D>) -> RsaPrivateKey
fn from(key: SigningKey<D>) -> RsaPrivateKey
source§impl Hash for RsaPrivateKey
impl Hash for RsaPrivateKey
source§impl PartialEq for RsaPrivateKey
impl PartialEq for RsaPrivateKey
source§fn eq(&self, other: &RsaPrivateKey) -> bool
fn eq(&self, other: &RsaPrivateKey) -> bool
self
and other
values to be equal, and is used
by ==
.source§impl PrivateKeyParts for RsaPrivateKey
impl PrivateKeyParts for RsaPrivateKey
source§fn crt_values(&self) -> Option<&[CrtValue]>
fn crt_values(&self) -> Option<&[CrtValue]>
source§impl PublicKeyParts for RsaPrivateKey
impl PublicKeyParts for RsaPrivateKey
source§impl TryFrom<&JsonWebKey<'_>> for RsaPrivateKey
impl TryFrom<&JsonWebKey<'_>> for RsaPrivateKey
⚠ Warning. Contrary to RFC 7518 (at least, in spirit), this conversion ignores
dp
, dq
, and qi
fields from JWK, as well as d
and t
fields for additional factors.
source§impl TryFrom<PrivateKeyInfo<'_>> for RsaPrivateKey
impl TryFrom<PrivateKeyInfo<'_>> for RsaPrivateKey
source§impl TryFrom<RsaPrivateKey> for StrongKey<RsaPrivateKey>
impl TryFrom<RsaPrivateKey> for StrongKey<RsaPrivateKey>
§type Error = WeakKeyError<RsaPrivateKey>
type Error = WeakKeyError<RsaPrivateKey>
impl Eq for RsaPrivateKey
impl ZeroizeOnDrop for RsaPrivateKey
Auto Trait Implementations§
impl RefUnwindSafe for RsaPrivateKey
impl Send for RsaPrivateKey
impl Sync for RsaPrivateKey
impl Unpin for RsaPrivateKey
impl UnwindSafe for RsaPrivateKey
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
§impl<T> DecodePrivateKey for Twhere
T: for<'a> TryFrom<PrivateKeyInfo<'a>, Error = Error>,
impl<T> DecodePrivateKey for Twhere
T: for<'a> TryFrom<PrivateKeyInfo<'a>, Error = Error>,
§fn from_pkcs8_der(bytes: &[u8]) -> Result<T, Error>
fn from_pkcs8_der(bytes: &[u8]) -> Result<T, Error>
§impl<T> DecodeRsaPrivateKey for Twhere
T: for<'a> TryFrom<PrivateKeyInfo<'a>, Error = Error>,
impl<T> DecodeRsaPrivateKey for Twhere
T: for<'a> TryFrom<PrivateKeyInfo<'a>, Error = Error>,
§fn from_pkcs1_der(private_key: &[u8]) -> Result<T, Error>
fn from_pkcs1_der(private_key: &[u8]) -> Result<T, Error>
§impl<T> EncodeRsaPrivateKey for Twhere
T: EncodePrivateKey,
impl<T> EncodeRsaPrivateKey for Twhere
T: EncodePrivateKey,
§fn to_pkcs1_der(&self) -> Result<SecretDocument, Error>
fn to_pkcs1_der(&self) -> Result<SecretDocument, Error>
SecretDocument
] containing a PKCS#1-encoded private key.