@LebedevRI
I've stumbled into this when trying to write a simple rustls-driven server with a self-signed cert.

The "obvious" and safe way to go from `KeyPair` to `PrivateKeyDer`
seems to be round-tripping via PEM:
```
rustls::pki_types::PrivateKeyDer::from_pem_slice(
    signing_key.serialize_pem().as_bytes(),
)
```

But `rcgen::key_pair::KeyPair::serialized_der()` is
```
/// Returns a reference to the serialized key pair (including the private key)
/// in PKCS#8 format in DER
```
and `PrivateKeyDer` can be constructed from such an input.
This avoids memory allocation and PEM roundtripping,
both of which are optional features anyways,
and this conversion is non-failing.

Perhaps it makes sense to provide this QOL interface?

@LebedevRI force-pushed the PrivateKeyDer-from-KeyPair branch from 9a630fb to 2de3e3c on December 24, 2025 18:24
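
The two paths compared in the description above, as an added std-only sketch that is not part of the pull request and does not use the rcgen or rustls-pki-types APIs. `pem_encode`, `pem_decode`, `BorrowedPkcs8`, `via_pem`, `direct` and the sample bytes are hypothetical stand-ins constructed for illustration.

```rust
// Added example: std-only stand-ins, not the rcgen or rustls-pki-types API.
const B64: &[u8; 64] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
const BEGIN: &str = "-----BEGIN PRIVATE KEY-----";
const END: &str = "-----END PRIVATE KEY-----";
// Constructed placeholder bytes standing in for PKCS#8 DER; not a real key.
static SAMPLE_DER: &[u8] = &[0x30, 0x08, 0x02, 0x01, 0x00, 0xde, 0xad, 0xbe, 0xef, 0x01];

/// Hypothetical PEM serializer: allocates a String holding a copy of the key.
fn pem_encode(der: &[u8]) -> String {
    let mut pem = String::from(BEGIN);
    for (i, chunk) in der.chunks(3).enumerate() {
        if i % 16 == 0 { pem.push('\n'); } // 16 groups * 4 chars = 64-char lines
        let n = chunk.iter().fold(0u32, |a, &b| (a << 8) | b as u32) << (8 * (3 - chunk.len()));
        for j in 0..4 {
            let c = if j <= chunk.len() { B64[((n >> (18 - 6 * j)) & 63) as usize] as char } else { '=' };
            pem.push(c);
        }
    }
    pem + "\n" + END + "\n"
}

/// Hypothetical PEM parser: fallible, and allocates a second copy of the key.
fn pem_decode(pem: &str) -> Result<Vec<u8>, &'static str> {
    let body = pem.trim().strip_prefix(BEGIN).and_then(|s| s.strip_suffix(END)).ok_or("bad PEM armor")?;
    let (mut acc, mut bits, mut out) = (0u32, 0u32, Vec::new());
    for c in body.bytes().filter(|c| !c.is_ascii_whitespace() && *c != b'=') {
        let v = B64.iter().position(|&a| a == c).ok_or("bad base64")? as u32;
        acc = (acc << 6) | v;
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
        }
    }
    Ok(out)
}

/// Hypothetical borrowed wrapper: construction is infallible and copies nothing.
struct BorrowedPkcs8<'a>(&'a [u8]);

/// Path 1 from the description: serialize to PEM, then parse it back.
fn via_pem(der: &[u8]) -> Result<Vec<u8>, &'static str> { pem_decode(&pem_encode(der)) }

/// Path 2: wrap the DER slice that the key pair already holds.
fn direct(der: &[u8]) -> BorrowedPkcs8<'_> { BorrowedPkcs8(der) }

fn main() {
    let copy = via_pem(SAMPLE_DER).expect("the PEM round trip can fail at runtime");
    println!("new buffer: {}, zero-copy: {}", copy.as_ptr() != SAMPLE_DER.as_ptr(), direct(SAMPLE_DER).0.as_ptr() == SAMPLE_DER.as_ptr());
}
```

In this sketch the PEM path leaves two extra heap copies of the private key material (the PEM string and the decoded buffer), while the direct path only borrows the existing bytes.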