
This section collects together goal-oriented documentation.

Customising private key usage

By default rustls supports PKCS#8-format[1] RSA or ECDSA keys, plus PKCS#1-format RSA keys.

However, if your private key resides in an HSM, or in another process, or perhaps another machine, rustls has some extension points to support this:

The main trait you must implement is sign::SigningKey. The primary method here is choose_scheme, where you are given the set of SignatureSchemes the client says it supports: you must choose one (or return None – this aborts the handshake). Having done that, you return an implementation of the sign::Signer trait. Its sign() method performs the signature and returns it.

(Unfortunately this is currently designed for keys with low latency access, like in a PKCS#11 provider, Microsoft CryptoAPI, etc. so is blocking rather than asynchronous. It’s a TODO to make these and other extension points async.)
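The shape described above, as an added example that is not rustls's own code: a signing key whose private half stays behind a remote handle, with scheme negotiation and a blocking sign call. The traits and enum here are local stand-ins defined in the example (assumptions, simplified, with String as the error type), and RemoteKey, HsmSigningKey, HsmSigner and MockHsm are hypothetical names; with the real crate you would implement sign::SigningKey and sign::Signer instead.

```rust
use std::sync::Arc;

// Local stand-ins (assumptions), NOT imported from rustls: a cut-down scheme
// list and simplified forms of the two traits, with String as the error type.
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum SignatureScheme { RsaPssSha256, EcdsaNistp256Sha256, Ed25519 }
pub trait Signer: Send + Sync {
    fn sign(&self, message: &[u8]) -> Result<Vec<u8>, String>;
    fn scheme(&self) -> SignatureScheme;
}
pub trait SigningKey: Send + Sync {
    fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>>;
}
// Hypothetical handle to a key that never leaves the HSM or remote process.
pub trait RemoteKey: Send + Sync {
    fn sign_with(&self, scheme: SignatureScheme, msg: &[u8]) -> Result<Vec<u8>, String>;
}
pub struct HsmSigningKey {
    pub backend: Arc<dyn RemoteKey>,
    pub supported: Vec<SignatureScheme>, // in the key owner's preference order
}
struct HsmSigner { backend: Arc<dyn RemoteKey>, scheme: SignatureScheme }

impl SigningKey for HsmSigningKey {
    fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn Signer>> {
        // First scheme in our order that the client also offered; None aborts.
        let scheme = self.supported.iter().copied().find(|s| offered.contains(s))?;
        Some(Box::new(HsmSigner { backend: Arc::clone(&self.backend), scheme }))
    }
}
impl Signer for HsmSigner {
    fn sign(&self, message: &[u8]) -> Result<Vec<u8>, String> {
        // Blocking round trip to the key holder; the handshake waits on it.
        self.backend.sign_with(self.scheme, message)
    }
    fn scheme(&self) -> SignatureScheme { self.scheme }
}
// Constructed mock backend: returns a tagged placeholder, not a real signature.
pub struct MockHsm;
impl RemoteKey for MockHsm {
    fn sign_with(&self, scheme: SignatureScheme, msg: &[u8]) -> Result<Vec<u8>, String> {
        Ok(format!("{:?}:{}", scheme, msg.len()).into_bytes())
    }
}

fn main() {
    let key = HsmSigningKey { backend: Arc::new(MockHsm), supported: vec![SignatureScheme::Ed25519] };
    println!("{:?}", key.choose_scheme(&[SignatureScheme::Ed25519]).map(|s| s.sign(b"hello")));
}
```

Selecting from the key's own preference order means a client cannot steer the server onto a scheme the key owner ranks lower merely by listing it first.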

Once you have these two pieces, configuring a server to use them involves, briefly:


  1. For PKCS#8 it does not support password encryption – there’s not a meaningful threat model addressed by this, and the encryption supported is typically extremely poor.