pub trait Pair: CryptoType + Sized + Clone + Send + Sync + 'static {
type Public: Public + Hash;
type Seed: Default + AsRef<[u8]> + AsMut<[u8]> + Clone;
type Signature: AsRef<[u8]>;
type DeriveError;
Show 13 methods
// Required methods
fn generate_with_phrase(
password: Option<&str>,
) -> (Self, String, Self::Seed);
fn from_phrase(
phrase: &str,
password: Option<&str>,
) -> Result<(Self, Self::Seed), SecretStringError>;
fn derive<Iter: Iterator<Item = DeriveJunction>>(
&self,
path: Iter,
seed: Option<Self::Seed>,
) -> Result<(Self, Option<Self::Seed>), Self::DeriveError>;
fn from_seed(seed: &Self::Seed) -> Self;
fn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>;
fn sign(&self, message: &[u8]) -> Self::Signature;
fn verify<M: AsRef<[u8]>>(
sig: &Self::Signature,
message: M,
pubkey: &Self::Public,
) -> bool;
fn verify_weak<P: AsRef<[u8]>, M: AsRef<[u8]>>(
sig: &[u8],
message: M,
pubkey: P,
) -> bool;
fn public(&self) -> Self::Public;
fn to_raw_vec(&self) -> Vec<u8> ⓘ;
// Provided methods
fn generate() -> (Self, Self::Seed) { ... }
fn from_string_with_seed(
s: &str,
password_override: Option<&str>,
) -> Result<(Self, Option<Self::Seed>), SecretStringError> { ... }
fn from_string(
s: &str,
password_override: Option<&str>,
) -> Result<Self, SecretStringError> { ... }
}
Expand description
Trait suitable for typical cryptographic PKI key pair type.
For now it just specifies how to create a key from a phrase and derivation path.
Required Associated Types§
sourcetype Seed: Default + AsRef<[u8]> + AsMut<[u8]> + Clone
type Seed: Default + AsRef<[u8]> + AsMut<[u8]> + Clone
The type used to (minimally) encode the data required to securely create a new key pair.
sourcetype Signature: AsRef<[u8]>
type Signature: AsRef<[u8]>
The type used to represent a signature. Can be created from a key pair and a message and verified with the message and a public key.
sourcetype DeriveError
type DeriveError
Error returned from the derive
function.
Required Methods§
sourcefn generate_with_phrase(password: Option<&str>) -> (Self, String, Self::Seed)
fn generate_with_phrase(password: Option<&str>) -> (Self, String, Self::Seed)
Generate new secure (random) key pair and provide the recovery phrase.
You can recover the same key later with from_phrase
.
This is generally slower than generate()
, so prefer that unless you need to persist
the key from the current session.
sourcefn from_phrase(
phrase: &str,
password: Option<&str>,
) -> Result<(Self, Self::Seed), SecretStringError>
fn from_phrase( phrase: &str, password: Option<&str>, ) -> Result<(Self, Self::Seed), SecretStringError>
Returns the KeyPair from the English BIP39 seed phrase
, or None
if it’s invalid.
sourcefn derive<Iter: Iterator<Item = DeriveJunction>>(
&self,
path: Iter,
seed: Option<Self::Seed>,
) -> Result<(Self, Option<Self::Seed>), Self::DeriveError>
fn derive<Iter: Iterator<Item = DeriveJunction>>( &self, path: Iter, seed: Option<Self::Seed>, ) -> Result<(Self, Option<Self::Seed>), Self::DeriveError>
Derive a child key from a series of given junctions.
sourcefn from_seed(seed: &Self::Seed) -> Self
fn from_seed(seed: &Self::Seed) -> Self
Generate new key pair from the provided seed
.
@WARNING: THIS WILL ONLY BE SECURE IF THE seed
IS SECURE. If it can be guessed
by an attacker then they can also derive your key.
sourcefn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>
fn from_seed_slice(seed: &[u8]) -> Result<Self, SecretStringError>
Make a new key pair from secret seed material. The slice must be the correct size or
it will return None
.
@WARNING: THIS WILL ONLY BE SECURE IF THE seed
IS SECURE. If it can be guessed
by an attacker then they can also derive your key.
sourcefn verify<M: AsRef<[u8]>>(
sig: &Self::Signature,
message: M,
pubkey: &Self::Public,
) -> bool
fn verify<M: AsRef<[u8]>>( sig: &Self::Signature, message: M, pubkey: &Self::Public, ) -> bool
Verify a signature on a message. Returns true if the signature is good.
sourcefn verify_weak<P: AsRef<[u8]>, M: AsRef<[u8]>>(
sig: &[u8],
message: M,
pubkey: P,
) -> bool
fn verify_weak<P: AsRef<[u8]>, M: AsRef<[u8]>>( sig: &[u8], message: M, pubkey: P, ) -> bool
Verify a signature on a message. Returns true if the signature is good.
sourcefn to_raw_vec(&self) -> Vec<u8> ⓘ
fn to_raw_vec(&self) -> Vec<u8> ⓘ
Return a vec filled with raw data.
Provided Methods§
sourcefn generate() -> (Self, Self::Seed)
fn generate() -> (Self, Self::Seed)
Generate new secure (random) key pair.
This is only for ephemeral keys really, since you won’t have access to the secret key
for storage. If you want a persistent key pair, use generate_with_phrase
instead.
sourcefn from_string_with_seed(
s: &str,
password_override: Option<&str>,
) -> Result<(Self, Option<Self::Seed>), SecretStringError>
fn from_string_with_seed( s: &str, password_override: Option<&str>, ) -> Result<(Self, Option<Self::Seed>), SecretStringError>
Interprets the string s
in order to generate a key Pair. Returns both the pair and an
optional seed, in the case that the pair can be expressed as a direct derivation from a seed
(some cases, such as Sr25519 derivations with path components, cannot).
This takes a helper function to do the key generation from a phrase, password and junction iterator.
- If
s
is a possibly0x
prefixed 64-digit hex string, then it will be interpreted directly as aMiniSecretKey
(aka “seed” insubkey
). - If
s
is a valid BIP-39 key phrase of 12, 15, 18, 21 or 24 words, then the key will be derived from it. In this case:- the phrase may be followed by one or more items delimited by
/
characters. - the path may be followed by
///
, in which case everything after the///
is treated as a password.
- the phrase may be followed by one or more items delimited by
- If
s
begins with a/
character it is prefixed with the Substrate publicDEV_PHRASE
and interpreted as above.
In this case they are interpreted as HDKD junctions; purely numeric items are interpreted as
integers, non-numeric items as strings. Junctions prefixed with /
are interpreted as soft
junctions, and with //
as hard junctions.
There is no correspondence mapping between SURI strings and the keys they represent.
Two different non-identical strings can actually lead to the same secret being derived.
Notably, integer junction indices may be legally prefixed with arbitrary number of zeros.
Similarly an empty password (ending the SURI with ///
) is perfectly valid and will
generally be equivalent to no password at all.
None
is returned if no matches are found.
sourcefn from_string(
s: &str,
password_override: Option<&str>,
) -> Result<Self, SecretStringError>
fn from_string( s: &str, password_override: Option<&str>, ) -> Result<Self, SecretStringError>
Interprets the string s
in order to generate a key pair.
See from_string_with_seed
for more extensive documentation.