pub trait SigningKey:
Debug
+ Send
+ Sync {
// Required methods
fn choose_scheme(
&self,
offered: &[SignatureScheme],
) -> Option<Box<dyn Signer>>;
fn algorithm(&self) -> SignatureAlgorithm;
// Provided method
fn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>> { ... }
}Expand description
An abstract signing key.
This interface is used by rustls to use a private signing key for authentication. This includes server and client authentication.
Objects of this type are always used within Rustls as
Arc<dyn SigningKey>. There are no concrete public structs in Rustls
that implement this trait.
There are two main ways to get a signing key:
KeyProvider::load_private_key(), or- some other method outside of the
KeyProviderextension trait, for instance:
The KeyProvider method load_private_key() is called under the hood by
ConfigBuilder::with_single_cert(),
ConfigBuilder::with_client_auth_cert(), and
ConfigBuilder::with_single_cert_with_ocsp().
A signing key created outside of the KeyProvider extension trait can be used
to create a CertifiedKey, which in turn can be used to create a
ResolvesServerCertUsingSni. Alternately, a CertifiedKey can be returned from a
custom implementation of the ResolvesServerCert or ResolvesClientCert traits.
Required Methods§
Sourcefn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>
Choose a SignatureScheme from those offered.
Expresses the choice by returning something that implements Signer,
using the chosen scheme.
Sourcefn algorithm(&self) -> SignatureAlgorithm
fn algorithm(&self) -> SignatureAlgorithm
What kind of key we have.
Provided Methods§
Sourcefn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>>
fn public_key(&self) -> Option<SubjectPublicKeyInfoDer<'_>>
Get the RFC 5280-compliant SubjectPublicKeyInfo (SPKI) of this SigningKey if available.