pingora_boringssl::ssl

Trait PrivateKeyMethod

pub trait PrivateKeyMethod:
    Send
    + Sync
    + 'static {
    // Required methods
    fn sign(
        &self,
        ssl: &mut SslRef,
        input: &[u8],
        signature_algorithm: SslSignatureAlgorithm,
        output: &mut [u8],
    ) -> Result<usize, PrivateKeyMethodError>;
    fn decrypt(
        &self,
        ssl: &mut SslRef,
        input: &[u8],
        output: &mut [u8],
    ) -> Result<usize, PrivateKeyMethodError>;
    fn complete(
        &self,
        ssl: &mut SslRef,
        output: &mut [u8],
    ) -> Result<usize, PrivateKeyMethodError>;
}

Describes private key hooks. This is used to off-load signing operations to a custom, potentially asynchronous, backend. Metadata about the key such as the type and size are parsed out of the certificate.

Corresponds to ssl_private_key_method_st.

Required Methods

fn sign(&self, ssl: &mut SslRef, input: &[u8], signature_algorithm: SslSignatureAlgorithm, output: &mut [u8]) -> Result<usize, PrivateKeyMethodError>

Signs the message input using the specified signature algorithm.

On success, it returns Ok(written) where written is the number of bytes written into output. On failure, it returns Err(PrivateKeyMethodError::FAILURE). If the operation has not completed, it returns Err(PrivateKeyMethodError::RETRY).

The caller should arrange for the high-level operation on ssl to be retried when the operation is completed. This will result in a call to Self::complete.

fn decrypt(&self, ssl: &mut SslRef, input: &[u8], output: &mut [u8]) -> Result<usize, PrivateKeyMethodError>

Decrypts input.

On success, it returns Ok(written) where written is the number of bytes written into output. On failure, it returns Err(PrivateKeyMethodError::FAILURE). If the operation has not completed, it returns Err(PrivateKeyMethodError::RETRY).

The caller should arrange for the high-level operation on ssl to be retried when the operation is completed. This will result in a call to Self::complete.

This method only works with RSA keys and should perform a raw RSA decryption operation with no padding.

fn complete(&self, ssl: &mut SslRef, output: &mut [u8]) -> Result<usize, PrivateKeyMethodError>

Completes a pending operation.

On success, it returns Ok(written) where written is the number of bytes written into output. On failure, it returns Err(PrivateKeyMethodError::FAILURE). If the operation has not completed, it returns Err(PrivateKeyMethodError::RETRY).

This method may be called arbitrarily many times before completion.
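The RETRY and complete contract described above, as an added example that is not code from the crate. SslRef, SslSignatureAlgorithm, PrivateKeyMethodError and the trait are local stand-ins that mirror the signatures on this page so the block builds without the crate; RemoteSigner, its poll counter and the reversed-bytes "signature" are hypothetical placeholders for a real off-box signer.

```rust
use std::sync::Mutex;

// Stand-ins mirroring the signatures on this page (assumption: not the crate's own definitions).
pub struct SslRef;
pub struct SslSignatureAlgorithm(pub u16);
#[derive(Debug, PartialEq)]
pub struct PrivateKeyMethodError(u8);
impl PrivateKeyMethodError {
    pub const FAILURE: Self = Self(0);
    pub const RETRY: Self = Self(1);
}
pub type OpResult = Result<usize, PrivateKeyMethodError>;
pub trait PrivateKeyMethod: Send + Sync + 'static {
    fn sign(&self, ssl: &mut SslRef, input: &[u8], alg: SslSignatureAlgorithm, output: &mut [u8]) -> OpResult;
    fn decrypt(&self, ssl: &mut SslRef, input: &[u8], output: &mut [u8]) -> OpResult;
    fn complete(&self, ssl: &mut SslRef, output: &mut [u8]) -> OpResult;
}

// Hypothetical remote signer: (polls still needed, finished signature).
// One shared slot for brevity; a real implementation tracks pending work per connection.
pub struct RemoteSigner { pending: Mutex<Option<(u32, Vec<u8>)>> }
impl RemoteSigner { pub fn new() -> Self { Self { pending: Mutex::new(None) } } }

impl PrivateKeyMethod for RemoteSigner {
    fn sign(&self, _ssl: &mut SslRef, input: &[u8], _alg: SslSignatureAlgorithm, _out: &mut [u8]) -> OpResult {
        // Constructed placeholder result (reversed input); a real backend would query an HSM or key server.
        let sig: Vec<u8> = input.iter().rev().copied().collect();
        *self.pending.lock().unwrap() = Some((2, sig));
        Err(PrivateKeyMethodError::RETRY) // not finished: the retried operation reaches complete()
    }
    fn decrypt(&self, _ssl: &mut SslRef, _input: &[u8], _out: &mut [u8]) -> OpResult {
        Err(PrivateKeyMethodError::FAILURE) // this example key is sign-only
    }
    fn complete(&self, _ssl: &mut SslRef, output: &mut [u8]) -> OpResult {
        let mut slot = self.pending.lock().unwrap();
        match slot.take() {
            None => Err(PrivateKeyMethodError::FAILURE), // nothing in flight
            Some((n, sig)) if n > 0 => { *slot = Some((n - 1, sig)); Err(PrivateKeyMethodError::RETRY) }
            Some((_, sig)) if sig.len() > output.len() => Err(PrivateKeyMethodError::FAILURE), // never overrun output
            Some((_, sig)) => { output[..sig.len()].copy_from_slice(&sig); Ok(sig.len()) }
        }
    }
}

fn main() {
    let (signer, mut ssl, mut out) = (RemoteSigner::new(), SslRef, [0u8; 64]);
    // 0x0403 is a constructed sample algorithm value; the placeholder signer ignores it.
    let mut r = signer.sign(&mut ssl, b"handshake-transcript", SslSignatureAlgorithm(0x0403), &mut out);
    while r == Err(PrivateKeyMethodError::RETRY) { r = signer.complete(&mut ssl, &mut out); }
    println!("{:?}", r);
}
```

The pending result is cleared on every terminal outcome, so a failed or finished operation cannot be replayed into a later call.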

Implementors