Module Auth.Secret_key

type t

A vat's secret_key allows it to prove its identity to other vats.

val generate : unit -> t

generate () is a fresh secret key. You must use e.g. Mirage_crypto_rng_eio.run to set a source of randomness before using this (it will raise an error if you forget).

val digest : ?hash:hash -> t -> Digest.t

digest ~hash t is the digest of t's public key, using hash.

val of_pem_data : string -> t

of_pem_data data parses data as a PEM-encoded private key.

val to_pem_data : t -> string

to_pem_data t returns t as a PEM-encoded private key.

val tls_client_config : t -> authenticator:X509.Authenticator.t -> Tls.Config.client

tls_client_config t ~authenticator is the TLS client configuration to use for a vat with secret key t, attempting to connect to a vat that can be authenticated with authenticator.

val tls_server_config : t -> Tls.Config.server

tls_server_config t is the TLS server configuration to use for a vat with secret key t.

val pp_fingerprint : hash -> t Fmt.t

pp_fingerprint hash formats the hash of t's public key.

val equal : t -> t -> bool