RustCrypto: PKCS#8 (Private Keys)
Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification (RFC 5208).
PKCS#8 is a format for cryptographic private keys, often containing pairs of private and public keys.
You can identify a PKCS#8 private key encoded as PEM (i.e. text) by the following:
-----BEGIN PRIVATE KEY-----
PKCS#8 private keys can optionally be encrypted under a password using key derivation algorithms like PBKDF2 and scrypt, and encrypted with ciphers like AES-CBC. When a PKCS#8 private key has been encrypted, it starts with the following:
-----BEGIN ENCRYPTED PRIVATE KEY-----
PKCS#8 private keys can also be serialized in an ASN.1-based binary format. The PEM text encoding is a Base64 representation of this format.
This crate is implemented in an algorithm-agnostic manner with the goal of enabling PKCS#8 support for any algorithm.
That said, it has been tested for interoperability against keys generated by OpenSSL for the following algorithms:
- ECC (
id-ecPublicKey
) - Ed25519 (
id-Ed25519
) - RSA (
id-rsaEncryption
) - X25519 (
id-X25519
)
Please open an issue if you encounter trouble using it with a particular algorithm, including the ones listed above or other algorithms.
This crate requires Rust 1.71 at a minimum.
We may change the MSRV in the future, but it will be accompanied by a minor version bump.
Licensed under either of:
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.