summaryrefslogtreecommitdiffstats
path: root/vendor/pkcs8/README.md
blob: c1585439a440678eae3757118772161c2e4bb616 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
# [RustCrypto]: PKCS#8 (Private Keys)

[![crate][crate-image]][crate-link]
[![Docs][docs-image]][docs-link]
[![Build Status][build-image]][build-link]
![Apache2/MIT licensed][license-image]
![Rust Version][rustc-image]
[![Project Chat][chat-image]][chat-link]

Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #8:
Private-Key Information Syntax Specification ([RFC 5208]).

[Documentation][docs-link]

## About PKCS#8

PKCS#8 is a format for cryptographic private keys, often containing pairs
of private and public keys.

You can identify a PKCS#8 private key encoded as PEM (i.e. text) by the
following:

```text
-----BEGIN PRIVATE KEY-----
```

PKCS#8 private keys can optionally be encrypted under a password using
key derivation algorithms like PBKDF2 and [scrypt], and encrypted with
ciphers like AES-CBC. When a PKCS#8 private key has been encrypted,
it starts with the following:

```text
-----BEGIN ENCRYPTED PRIVATE KEY-----
```

PKCS#8 private keys can also be serialized in an ASN.1-based binary format.
The PEM text encoding is a Base64 representation of this format.

## Supported Algorithms

This crate is implemented in an algorithm-agnostic manner with the goal of
enabling PKCS#8 support for any algorithm.

That said, it has been tested for interoperability against keys generated by
OpenSSL for the  following algorithms:

- ECC (`id-ecPublicKey`)
- Ed25519 (`id-Ed25519`)
- RSA (`id-rsaEncryption`)
- X25519 (`id-X25519`)

Please open an issue if you encounter trouble using it with a particular
algorithm, including the ones listed above or other algorithms.

## Minimum Supported Rust Version

This crate requires **Rust 1.65** at a minimum.

We may change the MSRV in the future, but it will be accompanied by a minor
version bump.

## License

Licensed under either of:

 * [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
 * [MIT license](http://opensource.org/licenses/MIT)

at your option.

### Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.

[//]: # (badges)

[crate-image]: https://buildstats.info/crate/pkcs8
[crate-link]: https://crates.io/crates/pkcs8
[docs-image]: https://docs.rs/pkcs8/badge.svg
[docs-link]: https://docs.rs/pkcs8/
[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
[rustc-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg
[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats
[build-image]: https://github.com/RustCrypto/formats/workflows/pkcs8/badge.svg?branch=master&event=push
[build-link]: https://github.com/RustCrypto/formats/actions

[//]: # (links)

[RustCrypto]: https://github.com/rustcrypto
[RFC 5208]: https://tools.ietf.org/html/rfc5208
[scrypt]: https://en.wikipedia.org/wiki/Scrypt