Legend:
Library
Module
Module type
Parameter
Class
Class type
Library
Module
Module type
Parameter
Class
Class type
package x509
Public keys
Public keys as specified in PKCS 8 are supported in this module.
The type for public keys
type t = [ | `RSA of Mirage_crypto_pk.Rsa.pub| `ED25519 of Mirage_crypto_ec.Ed25519.pub| `P224 of Mirage_crypto_ec.P224.Dsa.pub| `P256 of Mirage_crypto_ec.P256.Dsa.pub| `P384 of Mirage_crypto_ec.P384.Dsa.pub| `P521 of Mirage_crypto_ec.P521.Dsa.pub
]The polymorphic variant of public keys, with PKCS 8 encoding and decoding to PEM.
Operations on public keys
val pp : t Fmt.tpp ppf pub pretty-prints the public key pub on ppf.
val id : t -> Cstruct.tid public_key is digest, the 160-bit `SHA1 hash of the BIT STRING subjectPublicKey (excluding tag, length, and number of unused bits) for publicKeyInfo of public_key.
val fingerprint : ?hash:Mirage_crypto.Hash.hash -> t -> Cstruct.tfingerprint ?hash public_key is digest, the hash (by default SHA256) of the DER encoded public key (equivalent to openssl x509 -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -HASH).
val key_type : t -> Key_type.tkey_type public_key is its key_type.
Cryptographic verify operation
val verify :
Mirage_crypto.Hash.hash ->
?scheme:Key_type.signature_scheme ->
signature:Cstruct.t ->
t ->
[ `Message of Cstruct.t | `Digest of Cstruct.t ] ->
(unit, [> `Msg of string ]) Stdlib.resultverify hash ~scheme ~signature key data verifies whether the signature on data is valid using the key, or not. The signature must be in ASN.1 DER encoding. The scheme defaults to `RSA_PSS for RSA, `ED25519 for ED25519, and `ECDSA for other EC keys.
Decoding and encoding in ASN.1 DER and PEM format
val encode_der : t -> Cstruct.tencode_der pk is buffer, the ASN.1 encoding of the given public key.
val decode_der : Cstruct.t -> (t, [> `Msg of string ]) Stdlib.resultdecode_der buffer is pubkey, the public key of the ASN.1 encoded buffer.
val decode_pem : Cstruct.t -> (t, [> `Msg of string ]) Stdlib.resultdecode_pem pem is t, where the public key of pem is extracted
val encode_pem : t -> Cstruct.tencode_pem public_key is pem, the pem encoded public key.