Struct rsa::RSAPrivateKey

pub struct RSAPrivateKey { /* fields omitted */ }

Represents a whole RSA key, public and private parts.

Implementations

impl RSAPrivateKey

pub fn new<R: Rng>(rng: &mut R, bit_size: usize) -> Result<RSAPrivateKey>

Generate a new RSA key pair of the given bit size using the passed in rng.

pub fn from_components(
    n: BigUint,
    e: BigUint,
    d: BigUint,
    primes: Vec<BigUint>
) -> RSAPrivateKey

Constructs an RSA key pair from the individual components.

pub fn from_pkcs1(der: &[u8]) -> Result<RSAPrivateKey>

Parse a PKCS1 encoded RSA Private Key.

The der data is expected to be the base64 decoded content following a -----BEGIN RSA PRIVATE KEY----- header.

https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem

Example

use rsa::RSAPrivateKey;

let file_content = r#"
-----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBAK5Z7jk1ql5DquRvlPmFgyBDCvdPQ0T2si2oPAUmNw2Z/qb2Sr/B
EBoWpagFf8Gl1K4PRipJSudDl6N/Vdb2CYkCAwEAAQJBAI3vWCfqsE8c9zoQPE8F
icHx0jOSq0ixLExO8M2gVqESq3SJpWbEbvPPbRb1sIqZHe5wV3Xmj09zvUzfdeB7
C6ECIQDjoB/kp7QlRiNhgudhQPct8XUf6Cgp7hBxL2K9Q9UzawIhAMQVvtH1TUOd
aSWiqrFx7w+54o58fIpkecI5Kl0TaWfbAiBrnye1Kn2IKhNMZWIUn2y+8izYeyGS
QZbQjQD4T3wcJQIgKGgWv2teNZ29ai0AIbrJuaLjhdsvStFzqctf6Hg0k1sCIQCj
JdwDGF7Kanex70KAacmOlw3vfx6XWT+2PH6Qh8tLug==
-----END RSA PRIVATE KEY-----
"#;

let der_encoded = file_content
    .lines()
    .filter(|line| !line.starts_with("-"))
    .fold(String::new(), |mut data, line| {
        data.push_str(&line);
        data
    });
let der_bytes = base64::decode(&der_encoded).expect("failed to decode base64 content");
let private_key = RSAPrivateKey::from_pkcs1(&der_bytes).expect("failed to parse key");

pub fn from_pkcs8(der: &[u8]) -> Result<RSAPrivateKey>

Parse a PKCS8 encoded RSA Private Key.

The der data is expected to be the base64 decoded content following a -----BEGIN PRIVATE KEY----- header.

https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem

Example

use rsa::RSAPrivateKey;

let file_content = r#"
-----BEGIN PRIVATE KEY-----
MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEArlnuOTWqXkOq5G+U
+YWDIEMK909DRPayLag8BSY3DZn+pvZKv8EQGhalqAV/waXUrg9GKklK50OXo39V
1vYJiQIDAQABAkEAje9YJ+qwTxz3OhA8TwWJwfHSM5KrSLEsTE7wzaBWoRKrdIml
ZsRu889tFvWwipkd7nBXdeaPT3O9TN914HsLoQIhAOOgH+SntCVGI2GC52FA9y3x
dR/oKCnuEHEvYr1D1TNrAiEAxBW+0fVNQ51pJaKqsXHvD7nijnx8imR5wjkqXRNp
Z9sCIGufJ7UqfYgqE0xlYhSfbL7yLNh7IZJBltCNAPhPfBwlAiAoaBa/a141nb1q
LQAhusm5ouOF2y9K0XOpy1/oeDSTWwIhAKMl3AMYXspqd7HvQoBpyY6XDe9/HpdZ
P7Y8fpCHy0u6
-----END PRIVATE KEY-----
"#;

let der_encoded = file_content
    .lines()
    .filter(|line| !line.starts_with("-"))
    .fold(String::new(), |mut data, line| {
        data.push_str(&line);
        data
    });
let der_bytes = base64::decode(&der_encoded).expect("failed to decode base64 content");
let private_key = RSAPrivateKey::from_pkcs8(&der_bytes).expect("failed to parse key");

pub fn to_public_key(&self) -> RSAPublicKey

Get the public key from the private key, cloning n and e.

Generally this is not needed since RSAPrivateKey implements the PublicKey trait, but it can occationally be useful to discard the private information entirely.

pub fn precompute(&mut self) -> Result<()>

Performs some calculations to speed up private key operations.

pub fn d(&self) -> &BigUint

Returns the private exponent of the key.

pub fn primes(&self) -> &[BigUint]

Returns the prime factors.

pub fn validate(&self) -> Result<()>

Performs basic sanity checks on the key. Returns Ok(()) if everything is good, otherwise an approriate error.

pub fn decrypt(
    &self,
    padding: PaddingScheme,
    ciphertext: &[u8]
) -> Result<Vec<u8>>

Decrypt the given message.

pub fn decrypt_blinded<R: Rng>(
    &self,
    rng: &mut R,
    padding: PaddingScheme,
    ciphertext: &[u8]
) -> Result<Vec<u8>>

Decrypt the given message.

Uses rng to blind the decryption process.

pub fn sign(&self, padding: PaddingScheme, digest_in: &[u8]) -> Result<Vec<u8>>

Sign the given digest.

pub fn sign_blinded<R: Rng>(
    &self,
    rng: &mut R,
    padding: PaddingScheme,
    digest_in: &[u8]
) -> Result<Vec<u8>>

Sign the given digest.

Use rng for blinding.

Methods from Deref<Target = RSAPublicKey>

Trait Implementations

impl Clone for RSAPrivateKey

fn clone(&self) -> RSAPrivateKey

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for RSAPrivateKey

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Deref for RSAPrivateKey

type Target = RSAPublicKey

The resulting type after dereferencing.

fn deref(&self) -> &RSAPublicKey

Dereferences the value.

impl<'de> Deserialize<'de> for RSAPrivateKey

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
    __D: Deserializer<'de>, 

Deserialize this value from the given Serde deserializer.

impl Drop for RSAPrivateKey

fn drop(&mut self)

Executes the destructor for this type.

impl From<&'_ RSAPrivateKey> for RSAPublicKey

fn from(private_key: &RSAPrivateKey) -> Self

Performs the conversion.

impl From<RSAPrivateKey> for RSAPublicKey

fn from(private_key: RSAPrivateKey) -> Self

Performs the conversion.

impl PartialEq<RSAPrivateKey> for RSAPrivateKey

fn eq(&self, other: &RSAPrivateKey) -> bool

This method tests for self and other values to be equal, and is used by ==.

#[must_use]

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl PublicKeyParts for RSAPrivateKey

fn n(&self) -> &BigUint

Returns the modulus of the key.

fn e(&self) -> &BigUint

Returns the public exponent of the key.

fn size(&self) -> usize

Returns the modulus size in bytes. Raw signatures and ciphertexts for or by this public key will have the same size.

impl<'a> PublicKeyParts for &'a RSAPrivateKey

fn n(&self) -> &BigUint

Returns the modulus of the key.

fn e(&self) -> &BigUint

Returns the public exponent of the key.

fn size(&self) -> usize

Returns the modulus size in bytes. Raw signatures and ciphertexts for or by this public key will have the same size.

impl Serialize for RSAPrivateKey

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error> where
    __S: Serializer, 

Serialize this value into the given Serde serializer.

impl TryFrom<Pem> for RSAPrivateKey

fn try_from(pem: Pem) -> Result<RSAPrivateKey>

Parses a PKCS8 or PKCS1 encoded RSA Private Key.

Expects one of the following pem headers:

• -----BEGIN PRIVATE KEY-----
• -----BEGIN RSA PRIVATE KEY-----

Example

use std::convert::TryFrom;
use rsa::RSAPrivateKey;

let file_content = r#"
-----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBAK5Z7jk1ql5DquRvlPmFgyBDCvdPQ0T2si2oPAUmNw2Z/qb2Sr/B
EBoWpagFf8Gl1K4PRipJSudDl6N/Vdb2CYkCAwEAAQJBAI3vWCfqsE8c9zoQPE8F
icHx0jOSq0ixLExO8M2gVqESq3SJpWbEbvPPbRb1sIqZHe5wV3Xmj09zvUzfdeB7
C6ECIQDjoB/kp7QlRiNhgudhQPct8XUf6Cgp7hBxL2K9Q9UzawIhAMQVvtH1TUOd
aSWiqrFx7w+54o58fIpkecI5Kl0TaWfbAiBrnye1Kn2IKhNMZWIUn2y+8izYeyGS
QZbQjQD4T3wcJQIgKGgWv2teNZ29ai0AIbrJuaLjhdsvStFzqctf6Hg0k1sCIQCj
JdwDGF7Kanex70KAacmOlw3vfx6XWT+2PH6Qh8tLug==
-----END RSA PRIVATE KEY-----
"#;

let pem = rsa::pem::parse(file_content).expect("failed to parse pem file");
let private_key = RSAPrivateKey::try_from(pem).expect("failed to parse key");

type Error = Error

The type returned in the event of a conversion error.

impl Zeroize for RSAPrivateKey

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl Eq for RSAPrivateKey