X509 v0.1.0 X509.PrivateKey View Source
Functions for generating, reading and writing RSA and EC private keys.
Link to this section Summary
Functions
Attempts to parse a private key in DER (binary) format. Unwraps the PKCS#8 PrivateKeyInfo container, if present
Attempts to parse a private key in PEM format. Unwraps the PKCS#8 PrivateKeyInfo container, if present
Generates a new private EC private key. To derive the public key, use
X509.PublicKey.derive/1
Generates a new private RSA private key. To derive the public key, use
X509.PublicKey.derive/1
Converts a private key to DER (binary) format
Converts a private key to PEM format
Extracts a private key from a PKCS#8 PrivateKeyInfo container
Wraps a private key in a PKCS#8 PrivateKeyInfo container
Link to this section Types
t() :: :public_key.rsa_private_key() | :public_key.ec_private_key()
RSA or EC private key
Link to this section Functions
Attempts to parse a private key in DER (binary) format. Unwraps the PKCS#8 PrivateKeyInfo container, if present.
If the data cannot be parsed as a supported private key type, nil
is
returned.
Attempts to parse a private key in PEM format. Unwraps the PKCS#8 PrivateKeyInfo container, if present.
If the data cannot be parsed as a supported private key type, nil
is
returned.
Options:
:password
- the password used to decrypt an encrypted private key; may be specified as a string or a charlist
new_ec(:crypto.ec_named_curve() | :public_key.oid()) :: :public_key.ec_private_key()
Generates a new private EC private key. To derive the public key, use
X509.PublicKey.derive/1
.
The second parameter must specify a named curve. The curve can be specified as an atom or an OID tuple.
Note that this function uses Erlang/OTP’s :public_key
application, which
does not support all curve names returned by the :crypto.ec_curves/0
function. In particular, the NIST Prime curves must be selected by their
SECG id, e.g. NIST P-256 is :secp256r1
rather than :prime256v1
. Please
refer to RFC4492 appendix A
for a mapping table.
new_rsa(non_neg_integer(), Keyword.t()) :: :public_key.rsa_private_key()
Generates a new private RSA private key. To derive the public key, use
X509.PublicKey.derive/1
.
The key length in bits must be specified as an integer (minimum 256 bits).
The default exponent of 65537 can be overridden using the :exponent
option. Warning: the custom exponent value is not checked for safety!
Converts a private key to DER (binary) format.
Options:
:wrap
- Wrap the private key in a PKCS#8 PrivateKeyInfo container (default:false
)
Converts a private key to PEM format.
Options:
:wrap
- Wrap the private key in a PKCS#8 PrivateKeyInfo container (default:false
)
Extracts a private key from a PKCS#8 PrivateKeyInfo container.
Wraps a private key in a PKCS#8 PrivateKeyInfo container.