Library
Module
Module type
Parameter
Class
Class type
Private keys
type t = [
| `RSA of Mirage_crypto_pk.Rsa.priv
| `ED25519 of Mirage_crypto_ec.Ed25519.priv
| `P224 of Mirage_crypto_ec.P224.Dsa.priv
| `P256 of Mirage_crypto_ec.P256.Dsa.priv
| `P384 of Mirage_crypto_ec.P384.Dsa.priv
| `P521 of Mirage_crypto_ec.P521.Dsa.priv
]
The polymorphic variant of private keys.
val generate : ?seed:Cstruct.t -> ?bits:int -> X509.Key_type.t -> t
generate ~seed ~bits type
generates a private key of the given key type. The argument bits
is only used for the bit length of RSA keys. If seed
is provided, this is used to seed the random number generator.
val of_cstruct :
Cstruct.t ->
X509.Key_type.t ->
(t, [> `Msg of string ]) Stdlib.result
of_cstruct data type
decodes the buffer as private key. Only supported for elliptic curve keys.
val of_string :
?seed_or_data:[ `Seed | `Data ] ->
?bits:int ->
X509.Key_type.t ->
string ->
(t, [> `Msg of string ]) Stdlib.result
of_string ~seed_or_data ~bits type data
attempts to decode the data as a private key. If seed_or_data
is provided and `Seed
, the data
is taken as seed and generate
is used. If it is `Data
, of_cstruct
is used with the Base64 decoded data
. By default, if type
is RSA, the data is used as seed, otherwise directly as the private key data.
val key_type : t -> X509.Key_type.t
key_type priv
is the key type of priv
.
val public : t -> X509.Public_key.t
public priv
is the corresponding public key of priv
.
val encode_der : t -> Cstruct.t
encode_der key
is der
, the encoded private key as PKCS8 (RFC 5208, Section 5) PrivateKeyInfo structure.
val encode_pem : t -> Cstruct.t
encode_pem key
is pem
, the encoded private key (using PRIVATE KEY
).
val sign :
Mirage_crypto.Hash.hash ->
?scheme:Key_type.signature_scheme ->
t ->
[ `Digest of Cstruct.t | `Message of Cstruct.t ] ->
string Core.Or_error.t
val decode_der : contents:string -> t Core.Or_error.t
val decode_pem : contents:string -> t Core.Or_error.t
val of_pem_file : Core.Filename.t -> t Async.Deferred.Or_error.t