Remove TryFrom impls

The `TryFrom` impl doesn't communicate that these bytes need to be DER-encoded. Forcing the user to use the constructor makes this obvious.

CHANGELOG.md

@@ -1,6 +1,10 @@
 
 # Changes
 
+## Unreleased
+
+- Remove `TryFrom<[u8]>` and `TryFrom<Vec<u8>>` for `KeyPair` in favor of the more descriptive `KeyPair::from_der`.
+
 ## Release 0.11.3 - October 1, 2023
 
 - Fix for import errors building without the optional `pem` feature.

examples/rsa-irc.rs

@@ -19,7 +19,7 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
 	let bits = 2048;
 	let private_key = RsaPrivateKey::new(&mut rng, bits)?;
 	let private_key_der = private_key.to_pkcs8_der()?;
-	let key_pair = rcgen::KeyPair::try_from(private_key_der.as_bytes()).unwrap();
+	let key_pair = rcgen::KeyPair::from_der(private_key_der.as_bytes()).unwrap();
 	params.key_pair = Some(key_pair);
 
 	let cert = Certificate::from_params(params)?;

src/key_pair.rs

@@ -3,7 +3,6 @@ use pem::Pem;
 use ring::rand::SystemRandom;
 use ring::signature::KeyPair as RingKeyPair;
 use ring::signature::{self, EcdsaKeyPair, Ed25519KeyPair, RsaEncoding, RsaKeyPair};
-use std::convert::TryFrom;
 use std::fmt;
 use yasna::DERWriter;
 
@@ -56,7 +55,7 @@ impl KeyPair {
 	///
 	/// Equivalent to using the [`TryFrom`] implementation.
 	pub fn from_der(der: &[u8]) -> Result<Self, RcgenError> {
-		Ok(der.try_into()?)
+		Ok(KeyPair::from_raw(der)?)
 	}
 	/// Returns the key pair's signature algorithm
 	pub fn algorithm(&self) -> &'static SignatureAlgorithm {
@@ -67,7 +66,7 @@ impl KeyPair {
 	pub fn from_pem(pem_str: &str) -> Result<Self, RcgenError> {
 		let private_key = pem::parse(pem_str)?;
 		let private_key_der: &[_] = private_key.contents();
-		Ok(private_key_der.try_into()?)
+		Ok(KeyPair::from_raw(private_key_der)?)
 	}
 
 	/// Obtains the key pair from a raw public key and a remote private key
@@ -186,22 +185,6 @@ pub trait RemoteKeyPair {
 	fn algorithm(&self) -> &'static SignatureAlgorithm;
 }
 
-impl TryFrom<&[u8]> for KeyPair {
-	type Error = RcgenError;
-
-	fn try_from(pkcs8: &[u8]) -> Result<KeyPair, RcgenError> {
-		KeyPair::from_raw(pkcs8)
-	}
-}
-
-impl TryFrom<Vec<u8>> for KeyPair {
-	type Error = RcgenError;
-
-	fn try_from(pkcs8: Vec<u8>) -> Result<KeyPair, RcgenError> {
-		KeyPair::from_raw(&pkcs8)
-	}
-}
-
 impl KeyPair {
 	/// Generate a new random key pair for the specified signature algorithm
 	pub fn generate(alg: &'static SignatureAlgorithm) -> Result<Self, RcgenError> {

tests/botan.rs

@@ -1,10 +1,10 @@
 #![cfg(feature = "x509-parser")]
 
-use rcgen::DnValue;
 use rcgen::{BasicConstraints, Certificate, CertificateParams, DnType, IsCa};
 use rcgen::{
 	CertificateRevocationList, CertificateRevocationListParams, RevocationReason, RevokedCertParams,
 };
+use rcgen::{DnValue, KeyPair};
 use rcgen::{KeyUsagePurpose, SerialNumber};
 use time::{Duration, OffsetDateTime};
 
@@ -172,7 +172,6 @@ fn test_botan_separate_ca() {
 #[cfg(feature = "x509-parser")]
 #[test]
 fn test_botan_imported_ca() {
-	use std::convert::TryInto;
 	let mut params = default_params();
 	params.is_ca = IsCa::Ca(BasicConstraints::Unconstrained);
 	let ca_cert = Certificate::from_params(params).unwrap();
@@ -182,7 +181,7 @@ fn test_botan_imported_ca() {
 		ca_cert.serialize_private_key_der(),
 	);
 
-	let ca_key_pair = ca_key_der.as_slice().try_into().unwrap();
+	let ca_key_pair = KeyPair::from_der(ca_key_der.as_slice()).unwrap();
 	let imported_ca_cert_params =
 		CertificateParams::from_ca_cert_der(ca_cert_der.as_slice(), ca_key_pair).unwrap();
 	let imported_ca_cert = Certificate::from_params(imported_ca_cert_params).unwrap();
@@ -205,7 +204,6 @@ fn test_botan_imported_ca() {
 #[cfg(feature = "x509-parser")]
 #[test]
 fn test_botan_imported_ca_with_printable_string() {
-	use std::convert::TryInto;
 	let mut params = default_params();
 	params.distinguished_name.push(
 		DnType::CountryName,
@@ -219,7 +217,7 @@ fn test_botan_imported_ca_with_printable_string() {
 		ca_cert.serialize_private_key_der(),
 	);
 
-	let ca_key_pair = ca_key_der.as_slice().try_into().unwrap();
+	let ca_key_pair = KeyPair::from_der(ca_key_der.as_slice()).unwrap();
 	let imported_ca_cert_params =
 		CertificateParams::from_ca_cert_der(ca_cert_der.as_slice(), ca_key_pair).unwrap();
 	let imported_ca_cert = Certificate::from_params(imported_ca_cert_params).unwrap();

tests/webpki.rs

@@ -404,7 +404,6 @@ fn test_webpki_separate_ca_name_constraints() {
 #[cfg(feature = "x509-parser")]
 #[test]
 fn test_webpki_imported_ca() {
-	use std::convert::TryInto;
 	let mut params = util::default_params();
 	params.is_ca = IsCa::Ca(BasicConstraints::Unconstrained);
 	let ca_cert = Certificate::from_params(params).unwrap();
@@ -414,7 +413,7 @@ fn test_webpki_imported_ca() {
 		ca_cert.serialize_private_key_der(),
 	);
 
-	let ca_key_pair = ca_key_der.as_slice().try_into().unwrap();
+	let ca_key_pair = KeyPair::from_der(ca_key_der.as_slice()).unwrap();
 	let imported_ca_cert_params =
 		CertificateParams::from_ca_cert_der(ca_cert_der.as_slice(), ca_key_pair).unwrap();
 	let imported_ca_cert = Certificate::from_params(imported_ca_cert_params).unwrap();
@@ -443,7 +442,6 @@ fn test_webpki_imported_ca() {
 #[cfg(feature = "x509-parser")]
 #[test]
 fn test_webpki_imported_ca_with_printable_string() {
-	use std::convert::TryInto;
 	let mut params = util::default_params();
 	params.distinguished_name.push(
 		DnType::CountryName,
@@ -457,7 +455,7 @@ fn test_webpki_imported_ca_with_printable_string() {
 		ca_cert.serialize_private_key_der(),
 	);
 
-	let ca_key_pair = ca_key_der.as_slice().try_into().unwrap();
+	let ca_key_pair = KeyPair::from_der(ca_key_der.as_slice()).unwrap();
 	let imported_ca_cert_params =
 		CertificateParams::from_ca_cert_der(ca_cert_der.as_slice(), ca_key_pair).unwrap();
 	let imported_ca_cert = Certificate::from_params(imported_ca_cert_params).unwrap();