Enum rsa::padding::PaddingScheme

source · [−]

pub enum PaddingScheme {
    PKCS1v15Encrypt,
    PKCS1v15Sign {
        hash: Option<Hash>,
    },
    OAEP {
        digest: Box<dyn DynDigest>,
        mgf_digest: Box<dyn DynDigest>,
        label: Option<String>,
    },
    PSS {
        salt_rng: Box<dyn RngCore>,
        digest: Box<dyn DynDigest>,
        salt_len: Option<usize>,
    },
}

Expand description

Available padding schemes.

Variants

`PKCS1v15Encrypt`

Encryption and Decryption using PKCS1v15 padding.

`PKCS1v15Sign`

Fields

hash: Option<Hash>

Sign and Verify using PKCS1v15 padding.

`OAEP`

Fields

digest: Box<dyn DynDigest>

mgf_digest: Box<dyn DynDigest>

label: Option<String>

Encryption and Decryption using OAEP padding.

digest is used to hash the label. The maximum possible plaintext length is m = k - 2 * h_len - 2, where k is the size of the RSA modulus.
mgf_digest specifies the hash function that is used in the MGF1.
label is optional data that can be associated with the message.

The two hash functions can, but don’t need to be the same. A prominent example is the AndroidKeyStore. It uses SHA-1 for mgf_digest and a user-chosen SHA flavour for digest.

`PSS`

Fields

salt_rng: Box<dyn RngCore>

digest: Box<dyn DynDigest>

salt_len: Option<usize>

Sign and Verify using PSS padding.

Implementations

source

pub fn new_oaep_with_mgf_hash<T: 'static + Digest + DynDigest, U: 'static + Digest + DynDigest>(
) -> Self

Create a new OAEP PaddingScheme, using T as the hash function for the default (empty) label, and U as the hash function for MGF1. If a label is needed use PaddingScheme::new_oaep_with_label or PaddingScheme::new_oaep_with_mgf_hash_with_label.

Example

use sha1::Sha1;
use sha2::Sha256;
use rsa::{BigUint, RsaPublicKey, PaddingScheme, PublicKey};
use base64ct::{Base64, Encoding};

let n = Base64::decode_vec("ALHgDoZmBQIx+jTmgeeHW6KsPOrj11f6CvWsiRleJlQpW77AwSZhd21ZDmlTKfaIHBSUxRUsuYNh7E2SHx8rkFVCQA2/gXkZ5GK2IUbzSTio9qXA25MWHvVxjMfKSL8ZAxZyKbrG94FLLszFAFOaiLLY8ECs7g+dXOriYtBwLUJK+lppbd+El+8ZA/zH0bk7vbqph5pIoiWggxwdq3mEz4LnrUln7r6dagSQzYErKewY8GADVpXcq5mfHC1xF2DFBub7bFjMVM5fHq7RK+pG5xjNDiYITbhLYrbVv3X0z75OvN0dY49ITWjM7xyvMWJXVJS7sJlgmCCL6RwWgP8PhcE=").unwrap();
let e = Base64::decode_vec("AQAB").unwrap();

let mut rng = rand::thread_rng();
let key = RsaPublicKey::new(BigUint::from_bytes_be(&n), BigUint::from_bytes_be(&e)).unwrap();
let padding = PaddingScheme::new_oaep_with_mgf_hash::<Sha256, Sha1>();
let encrypted_data = key.encrypt(&mut rng, padding, b"secret").unwrap();

source

pub fn new_oaep<T: 'static + Digest + DynDigest>() -> Self

Create a new OAEP PaddingScheme, using T as the hash function for both the default (empty) label and for MGF1.

Example

use sha1::Sha1;
use sha2::Sha256;
use rsa::{BigUint, RsaPublicKey, PaddingScheme, PublicKey};
use base64ct::{Base64, Encoding};

let n = Base64::decode_vec("ALHgDoZmBQIx+jTmgeeHW6KsPOrj11f6CvWsiRleJlQpW77AwSZhd21ZDmlTKfaIHBSUxRUsuYNh7E2SHx8rkFVCQA2/gXkZ5GK2IUbzSTio9qXA25MWHvVxjMfKSL8ZAxZyKbrG94FLLszFAFOaiLLY8ECs7g+dXOriYtBwLUJK+lppbd+El+8ZA/zH0bk7vbqph5pIoiWggxwdq3mEz4LnrUln7r6dagSQzYErKewY8GADVpXcq5mfHC1xF2DFBub7bFjMVM5fHq7RK+pG5xjNDiYITbhLYrbVv3X0z75OvN0dY49ITWjM7xyvMWJXVJS7sJlgmCCL6RwWgP8PhcE=").unwrap();
let e = Base64::decode_vec("AQAB").unwrap();

let mut rng = rand::thread_rng();
let key = RsaPublicKey::new(BigUint::from_bytes_be(&n), BigUint::from_bytes_be(&e)).unwrap();
let padding = PaddingScheme::new_oaep::<Sha256>();
let encrypted_data = key.encrypt(&mut rng, padding, b"secret").unwrap();