pub trait SigningKey:
Debug
+ Send
+ Sync {
// Required methods
fn choose_scheme(
&self,
offered: &[SignatureScheme],
) -> Option<Box<dyn Signer>>;
fn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>>;
fn algorithm(&self) -> SignatureAlgorithm;
}Expand description
An abstract signing key.
This interface is used by rustls to use a private signing key for authentication. This includes server and client authentication.
Objects of this type are always used within Rustls as
Arc<dyn SigningKey>. There are no concrete public structs in Rustls
that implement this trait.
You can obtain a SigningKey by calling the KeyProvider::load_private_key()
method, which is usually referenced via CryptoProvider::key_provider.
The KeyProvider method load_private_key() is called under the hood by
ConfigBuilder::with_single_cert(),
ConfigBuilder::with_client_auth_cert(), and
ConfigBuilder::with_single_cert_with_ocsp().
A signing key created outside of the KeyProvider extension trait can be used
to create a Credentials, which in turn can be used to create a
ServerNameResolver. Alternately, a Credentials can be returned from a
custom implementation of the ServerCredentialResolver or ClientCredentialResolver traits.
Required Methods§
Sourcefn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>
Choose a SignatureScheme from those offered.
Expresses the choice by returning something that implements Signer,
using the chosen scheme.
Sourcefn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>>
fn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>>
Get the RFC 5280-compliant SubjectPublicKeyInfo (SPKI) of this SigningKey.
If an implementation does not have the ability to derive this,
it can return None.
Sourcefn algorithm(&self) -> SignatureAlgorithm
fn algorithm(&self) -> SignatureAlgorithm
What kind of key we have.