# [RustCrypto]: PKCS#8 (Private Keys) [![crate][crate-image]][crate-link] [![Docs][docs-image]][docs-link] [![Build Status][build-image]][build-link] ![Apache2/MIT licensed][license-image] ![Rust Version][rustc-image] [![Project Chat][chat-image]][chat-link] Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification ([RFC 5208]). [Documentation][docs-link] ## About PKCS#8 PKCS#8 is a format for cryptographic private keys, often containing pairs of private and public keys. You can identify a PKCS#8 private key encoded as PEM (i.e. text) by the following: ```text -----BEGIN PRIVATE KEY----- ``` PKCS#8 private keys can optionally be encrypted under a password using key derivation algorithms like PBKDF2 and [scrypt], and encrypted with ciphers like AES-CBC. When a PKCS#8 private key has been encrypted, it starts with the following: ```text -----BEGIN ENCRYPTED PRIVATE KEY----- ``` PKCS#8 private keys can also be serialized in an ASN.1-based binary format. The PEM text encoding is a Base64 representation of this format. ## Supported Algorithms This crate is implemented in an algorithm-agnostic manner with the goal of enabling PKCS#8 support for any algorithm. That said, it has been tested for interoperability against keys generated by OpenSSL for the following algorithms: - ECC (`id-ecPublicKey`) - Ed25519 (`id-Ed25519`) - RSA (`id-rsaEncryption`) - X25519 (`id-X25519`) Please open an issue if you encounter trouble using it with a particular algorithm, including the ones listed above or other algorithms. ## Minimum Supported Rust Version This crate requires **Rust 1.71** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. ## License Licensed under either of: * [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0) * [MIT license](http://opensource.org/licenses/MIT) at your option. ### Contribution Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions. [//]: # (badges) [crate-image]: https://img.shields.io/crates/v/pkcs8 [crate-link]: https://crates.io/crates/pkcs8 [docs-image]: https://docs.rs/pkcs8/badge.svg [docs-link]: https://docs.rs/pkcs8/ [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg [rustc-image]: https://img.shields.io/badge/rustc-1.71+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats [build-image]: https://github.com/RustCrypto/formats/workflows/pkcs8/badge.svg?branch=master&event=push [build-link]: https://github.com/RustCrypto/formats/actions [//]: # (links) [RustCrypto]: https://github.com/rustcrypto [RFC 5208]: https://tools.ietf.org/html/rfc5208 [scrypt]: https://en.wikipedia.org/wiki/Scrypt