elliptic-curve: PKCS#8 PEM support

Support for decoding PEM-encoded PKCS#8 `SecretKey`s

.github/workflows/elliptic-curve.yml

@@ -38,6 +38,8 @@ jobs:
  - run: cargo build --no-default-features --release --target ${{ matrix.target }}
  - run: cargo build --no-default-features --release --target ${{ matrix.target }} --features arithmetic
  - run: cargo build --no-default-features --release --target ${{ matrix.target }} --features ecdh
+ - run: cargo build --no-default-features --release --target ${{ matrix.target }} --features pem
+ - run: cargo build --no-default-features --release --target ${{ matrix.target }} --features pkcs8
  - run: cargo build --no-default-features --release --target ${{ matrix.target }} --features zeroize
  test:
  runs-on: ubuntu-latest

elliptic-curve/Cargo.toml

@@ -33,6 +33,7 @@ default = ["arithmetic"]
 alloc = []
 arithmetic = ["bitvec", "ff", "group"]
 ecdh = ["arithmetic", "zeroize"]
+pem = ["pkcs8/pem"]
 std = ["alloc"]
 
 [package.metadata.docs.rs]

elliptic-curve/src/secret_key.rs

@@ -115,6 +115,7 @@ where
  }
 
  /// Deserialize PKCS#8-encoded private key from ASN.1 DER
+ /// (binary format).
  #[cfg(feature = "pkcs8")]
  #[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
  pub fn from_pkcs8_der(bytes: &[u8]) -> Result<Self, Error>
@@ -132,6 +133,22 @@ where
  Self::from_pkcs8_private_key(private_key_info.private_key)
  }
 
+ /// Deserialize PKCS#8-encoded private key from PEM.
+ ///
+ /// Keys in this format begin with the following delimiter:
+ ///
+ /// ```text
+ /// -----BEGIN PRIVATE KEY-----
+ /// ```
+ #[cfg(feature = "pem")]
+ #[cfg_attr(docsrs, doc(cfg(feature = "pem")))]
+ pub fn from_pkcs8_pem(s: &str) -> Result<Self, Error>
+ where
+ C: AlgorithmParameters,
+ {
+ Self::from_pkcs8_der(pkcs8::Document::from_pem(s)?.as_ref())
+ }
+
  /// Parse the `private_key` field of a PKCS#8-encoded private key's
  /// `PrivateKeyInfo`.
  #[cfg(feature = "pkcs8")]