X509 v0.1.0 X509.PrivateKey View Source

Functions for generating, reading and writing RSA and EC private keys.

Link to this section Summary

Types

t()

RSA or EC private key

Functions

Attempts to parse a private key in DER (binary) format. Unwraps the PKCS#8 PrivateKeyInfo container, if present

Attempts to parse a private key in PEM format. Unwraps the PKCS#8 PrivateKeyInfo container, if present

Generates a new private EC private key. To derive the public key, use X509.PublicKey.derive/1

Generates a new private RSA private key. To derive the public key, use X509.PublicKey.derive/1

Converts a private key to DER (binary) format

Converts a private key to PEM format

Extracts a private key from a PKCS#8 PrivateKeyInfo container

Wraps a private key in a PKCS#8 PrivateKeyInfo container

Link to this section Types

Link to this section Functions

Link to this function from_der(der) View Source
from_der(binary()) :: t() | nil

Attempts to parse a private key in DER (binary) format. Unwraps the PKCS#8 PrivateKeyInfo container, if present.

If the data cannot be parsed as a supported private key type, nil is returned.

Link to this function from_pem(pem, opts \\ []) View Source
from_pem(String.t(), Keyword.t()) :: t() | nil

Attempts to parse a private key in PEM format. Unwraps the PKCS#8 PrivateKeyInfo container, if present.

If the data cannot be parsed as a supported private key type, nil is returned.

Options:

  • :password - the password used to decrypt an encrypted private key; may be specified as a string or a charlist

Generates a new private EC private key. To derive the public key, use X509.PublicKey.derive/1.

The second parameter must specify a named curve. The curve can be specified as an atom or an OID tuple.

Note that this function uses Erlang/OTP’s :public_key application, which does not support all curve names returned by the :crypto.ec_curves/0 function. In particular, the NIST Prime curves must be selected by their SECG id, e.g. NIST P-256 is :secp256r1 rather than :prime256v1. Please refer to RFC4492 appendix A for a mapping table.

Generates a new private RSA private key. To derive the public key, use X509.PublicKey.derive/1.

The key length in bits must be specified as an integer (minimum 256 bits). The default exponent of 65537 can be overridden using the :exponent option. Warning: the custom exponent value is not checked for safety!

Link to this function to_der(private_key, opts \\ []) View Source
to_der(t(), Keyword.t()) :: binary()

Converts a private key to DER (binary) format.

Options:

  • :wrap - Wrap the private key in a PKCS#8 PrivateKeyInfo container (default: false)
Link to this function to_pem(private_key, opts \\ []) View Source
to_pem(t(), Keyword.t()) :: String.t()

Converts a private key to PEM format.

Options:

  • :wrap - Wrap the private key in a PKCS#8 PrivateKeyInfo container (default: false)

Extracts a private key from a PKCS#8 PrivateKeyInfo container.

Link to this function wrap(private_key) View Source
wrap(t()) :: X509.ASN.record(:private_key_info)
wrap(X509.ASN.record(:private_key_info)) :: t()

Wraps a private key in a PKCS#8 PrivateKeyInfo container.