Lib.rs

Cryptography
#private-key #key-derivation #encryption-key #key #pkcs #private #key-pair

no-std pkcs8

Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification (RFC 5208), with additional support for PKCS#8v2 asymmetric key packages (RFC 5958)

Owned by Tony Arcieri, Arthur Gautier, Artyom Pavlov, RustCrypto.

32 releases

new 0.11.0-rc.2 Feb 15, 2025
0.11.0-rc.1 Sep 6, 2024
0.11.0-rc.0 Jul 26, 2024
0.11.0-pre.0 Jan 8, 2024
0.0.0 Jun 12, 2020

#502 in Cryptography

Download history 1148450/week @ 2024-10-30 1157452/week @ 2024-11-06 1215721/week @ 2024-11-13 1273922/week @ 2024-11-20 1043805/week @ 2024-11-27 1275035/week @ 2024-12-04 1370153/week @ 2024-12-11 1017703/week @ 2024-12-18 503846/week @ 2024-12-25 958018/week @ 2025-01-01 1553493/week @ 2025-01-08 1431503/week @ 2025-01-15 1598462/week @ 2025-01-22 1754513/week @ 2025-01-29 1859289/week @ 2025-02-05 1524865/week @ 2025-02-12

7,000,275 downloads per month
Used in 4,010 crates (91 directly)

Apache-2.0 OR MIT

435KB
10K SLoC

RustCrypto: PKCS#8 (Private Keys)

crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification (RFC 5208).

Documentation

About PKCS#8

PKCS#8 is a format for cryptographic private keys, often containing pairs of private and public keys.

You can identify a PKCS#8 private key encoded as PEM (i.e. text) by the following:

-----BEGIN PRIVATE KEY-----

PKCS#8 private keys can optionally be encrypted under a password using key derivation algorithms like PBKDF2 and scrypt, and encrypted with ciphers like AES-CBC. When a PKCS#8 private key has been encrypted, it starts with the following:

-----BEGIN ENCRYPTED PRIVATE KEY-----

PKCS#8 private keys can also be serialized in an ASN.1-based binary format. The PEM text encoding is a Base64 representation of this format.

Supported Algorithms

This crate is implemented in an algorithm-agnostic manner with the goal of enabling PKCS#8 support for any algorithm.

That said, it has been tested for interoperability against keys generated by OpenSSL for the following algorithms:

  • ECC (id-ecPublicKey)
  • Ed25519 (id-Ed25519)
  • RSA (id-rsaEncryption)
  • X25519 (id-X25519)

Please open an issue if you encounter trouble using it with a particular algorithm, including the ones listed above or other algorithms.

Minimum Supported Rust Version

This crate requires Rust 1.71 at a minimum.

We may change the MSRV in the future, but it will be accompanied by a minor version bump.

License

Licensed under either of:

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~0.3–5.5MB
~18K SLoC