8 releases
Uses new Rust 2024
| 0.3.0-rc1 | Jan 14, 2026 |
|---|---|
| 0.2.0 | Jul 8, 2025 |
| 0.1.5 | Apr 1, 2025 |
| 0.1.4 | Jan 29, 2025 |
| 0.1.1 | Mar 19, 2024 |
#142 in Cryptography
241,575 downloads per month
Used in 16 crates
(4 directly)
70KB
1.5K
SLoC
PKCS#12 library written in pure Rust
Overview
This project contains a simple to use high-level library to work with PKCS#12/PFX keystores, written in pure Rust, modeled after Java KeyStore API.
Features:
- Single- and multi-keychain PKCS#12
- Support for 'truststores' with only CA root certificates
- Modern and legacy encryption schemes
- Able to read and write Java-compatible keystores
- Support for secret keys and generation of secret keys compatible to Java
Limitations:
- MD5-based encryption schemes are not supported
- Single password is used to encrypt both private keys and certificate data in one store
- Non-encrypted stores are not supported
Usage example:
use p12_keystore::KeyStore;
const PASSWORD: &str = "changeit";
fn main() -> Result<(), Box<dyn std::error::Error>> {
let data = std::fs::read(std::env::args().nth(1).unwrap())?;
let keystore = KeyStore::from_pkcs12(&data, PASSWORD)?;
if let Some((alias, chain)) = keystore.private_key_chain() {
println!(
"Private key chain found, alias: {}, subject: {}",
alias,
chain.certs()[0].subject()
);
}
Ok(())
}
License
Licensed under MIT or Apache license (LICENSE-MIT or LICENSE-APACHE)
Dependencies
~8MB
~156K SLoC