libcoap_rs::crypto::pki_rpk

Struct PkiKeyDef

Source 
pub struct PkiKeyDef<CA: KeyComponent<Pki>, PK: KeyComponent<Pki>, SK: KeyComponent<Pki>> { /* private fields */ }
Expand description

Key definition for a DTLS key consisting of a private key and a CA-signed certificate.

Optionally, it may also contain a CA certificate whose name will be sent to clients to indicate the key that they should themselves send.

§Note on key construction

For maximum compatibility, you should stick to the with_* constructors defined for this type. While in theory you could use an arbitrary combination of key component types for a key definition, those defined using with_* match explicit key types provided in libcoap and should therefore always be supported.

§The CA certificate field

Important: The CA certificate field/parameter is not to be confused with the CA certificate you may set while configuring HTTP servers. The CA certificate will not be sent in full to the peer during connection establishment and does not have to refer to the CA that signed the public certificate. It will only be used to set the CA list sent to the client for client certificate validation.

Therefore, in order for TLS certificate validation to succeed, the peer must already know the root CA’s and all intermediate CAs’ certificates.

Implementations§

Source§

impl<CA: KeyComponent<Pki>, PK: KeyComponent<Pki>, SK: KeyComponent<Pki>> PkiKeyDef<CA, PK, SK>

Source

pub fn new( ca_cert: Option<CA>, public_cert: PK, private_key: SK, user_pin: Option<CString>, asn1_private_key_type: Asn1PrivateKeyType, ) -> Self

Creates a new key definition using the given components.

§Parameters
  • ca_cert: The certificate of the CA whose name should be provided to clients when requesting client certificates. Important: See the section in the struct-level documentation regarding this field for more information.
  • public_cert: The public (signed) certificate of this key.
  • private_key: The private key.
  • user_pin: The PIN that should be used when unlocking a token (for PKCS11 keys stored on a token, ignored otherwise)
  • asn1_private_key_type: The type of the private key (only used for DER/ASN.1 encoded keys).
Source§

impl PkiKeyDef<PemFileKeyComponent, PemFileKeyComponent, PemFileKeyComponent>

Source

pub fn with_pem_files( ca_cert: Option<impl Into<PemFileKeyComponent>>, public_cert: impl Into<PemFileKeyComponent>, private_key: impl Into<PemFileKeyComponent>, ) -> Self

Creates a new key definition using PEM-encoded files as components.

See the documentation of PkiKeyDef::new for more information on the parameters, especially regarding the ca_cert field.

Source§

impl PkiKeyDef<PemMemoryKeyComponent, PemMemoryKeyComponent, PemMemoryKeyComponent>

Source

pub fn with_pem_memory( ca_cert: Option<impl Into<PemMemoryKeyComponent>>, public_cert: impl Into<PemMemoryKeyComponent>, private_key: impl Into<PemMemoryKeyComponent>, ) -> Self

Creates a new key definition using PEM-encoded byte sequences in memory as components.

See the documentation of PkiKeyDef::new for more information on the parameters, especially regarding the ca_cert field.

Source§

impl PkiKeyDef<DerFileKeyComponent, DerFileKeyComponent, DerFileKeyComponent>

Source

pub fn with_asn1_files( ca_cert: Option<impl Into<DerFileKeyComponent>>, public_cert: impl Into<DerFileKeyComponent>, private_key: impl Into<DerFileKeyComponent>, private_key_type: Asn1PrivateKeyType, ) -> Self

Creates a new key definition using DER-encoded files as components.

See the documentation of PkiKeyDef::new for more information on the parameters, especially regarding the ca_cert field.

Source§

impl PkiKeyDef<DerMemoryKeyComponent, DerMemoryKeyComponent, DerMemoryKeyComponent>

Source

pub fn with_asn1_memory( ca_cert: Option<impl Into<DerMemoryKeyComponent>>, public_cert: impl Into<DerMemoryKeyComponent>, private_key: impl Into<DerMemoryKeyComponent>, private_key_type: Asn1PrivateKeyType, ) -> Self

Creates a new key definition using DER-encoded byte sequences in memory as components.

See the documentation of PkiKeyDef::new for more information on the parameters, especially regarding the ca_cert field.

Source§

impl PkiKeyDef<Pkcs11KeyComponent, Pkcs11KeyComponent, Pkcs11KeyComponent>

Source

pub fn with_pkcs11( ca_cert: Option<impl Into<Pkcs11KeyComponent>>, public_cert: impl Into<Pkcs11KeyComponent>, private_key: impl Into<Pkcs11KeyComponent>, user_pin: Option<CString>, ) -> Self

Creates a new key definition using PKCS11 URIs as components.

See the documentation of PkiKeyDef::new for more information on the parameters, especially regarding the ca_cert field.

Trait Implementations§

Source§

impl<CA: Clone + KeyComponent<Pki>, PK: Clone + KeyComponent<Pki>, SK: Clone + KeyComponent<Pki>> Clone for PkiKeyDef<CA, PK, SK>

Source§

fn clone(&self) -> PkiKeyDef<CA, PK, SK>

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<CA: Debug + KeyComponent<Pki>, PK: Debug + KeyComponent<Pki>, SK: Debug + KeyComponent<Pki>> Debug for PkiKeyDef<CA, PK, SK>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<CA: KeyComponent<Pki>, PK: KeyComponent<Pki>, SK: KeyComponent<Pki>> KeyDef for PkiKeyDef<CA, PK, SK>

Source§

type KeyType = Pki

The key type of this key definition.

Auto Trait Implementations§

§

impl<CA, PK, SK> Freeze for PkiKeyDef<CA, PK, SK>
where PK: Freeze, SK: Freeze, CA: Freeze,

§

impl<CA, PK, SK> RefUnwindSafe for PkiKeyDef<CA, PK, SK>
where PK: RefUnwindSafe, SK: RefUnwindSafe, CA: RefUnwindSafe,

§

impl<CA, PK, SK> Send for PkiKeyDef<CA, PK, SK>
where PK: Send, SK: Send, CA: Send,

§

impl<CA, PK, SK> Sync for PkiKeyDef<CA, PK, SK>
where PK: Sync, SK: Sync, CA: Sync,

§

impl<CA, PK, SK> Unpin for PkiKeyDef<CA, PK, SK>
where PK: Unpin, SK: Unpin, CA: Unpin,

§

impl<CA, PK, SK> UnwindSafe for PkiKeyDef<CA, PK, SK>
where PK: UnwindSafe, SK: UnwindSafe, CA: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> ErasedDestructor for T
where T: 'static,

§

impl<T> MaybeSendSync for T