Expand description
Author-blinded RSASSA-PSS RSAE signatures.
This is an implementation of the RSA Blind Signatures (RFC 9474), based on the Zig implementation.
use blind_rsa_signatures::{KeyPair, Sha384, PSS, Randomized, DefaultRng};
// [SERVER]: Generate a RSA-2048 key pair
let kp = KeyPair::<Sha384, PSS, Randomized>::generate(&mut DefaultRng, 2048)?;
let (pk, sk) = (kp.pk, kp.sk);
// [CLIENT]: create a random message and blind it for the server whose public key is `pk`.
// The client must store the message and the secret.
let msg = b"test";
let blinding_result = pk.blind(&mut DefaultRng, msg)?;
// [SERVER]: compute a signature for a blind message, to be sent to the client.
// The client secret should not be sent to the server.
let blind_sig = sk.blind_sign(&blinding_result.blind_message)?;
// [CLIENT]: later, when the client wants to redeem a signed blind message,
// using the blinding secret, it can locally compute the signature of the
// original message.
// The client then owns a new valid (message, signature) pair, and the
// server cannot link it to a previous (blinded message, blind signature) pair.
// Note that the finalization function also verifies that the new signature
// is correct for the server public key.
let sig = pk.finalize(&blind_sig, &blinding_result, msg)?;
// [SERVER]: a non-blind signature can be verified using the server's public key.
pk.verify(&sig, blinding_result.msg_randomizer, msg)?;Modules§
Structs§
- Blind
Message - A blind message
- Blind
Rsa - Blind RSA signatures with compile-time parameters.
- Blind
Signature - A blind signature
- Blinding
Result - Result of a blinding operation
- Default
Rng - Default random number generator
- Deterministic
- Deterministic message preparation
- KeyPair
- An RSA key pair
- Message
Randomizer - A message randomizer (noise added as a prefix to the message)
- PSS
- PSS mode with salt (salt length = hash output length)
- PSSZero
- PSS mode without salt (salt length = 0)
- Public
Key - An RSA public key
- Randomized
- Randomized message preparation
- Secret
- A blinding secret factor
- Secret
Key - An RSA secret key
- Sha256
- SHA-256 hash algorithm
- Sha384
- SHA-384 hash algorithm
- Sha512
- SHA-512 hash algorithm
- Signature
- A (non-blind) signature
Enums§
Traits§
- Hash
Algorithm - Message
Prepare - Trait for message preparation mode (compile-time parameter)
The only valid implementations are
RandomizedandDeterministic. - Salt
Mode - Trait for PSS salt mode (compile-time parameter)
The only valid implementations are
PSSandPSSZero.
Type Aliases§
- Blind
RsaKey Pair - Type alias for KeyPair with the same parameters as BlindRsa
- Blind
RsaPublic Key - Type alias for PublicKey with the same parameters as BlindRsa
- Blind
RsaSecret Key - Type alias for SecretKey with the same parameters as BlindRsa
- Blind
RsaSha384PSS Deterministic - RSABSSA-SHA384-PSS-Deterministic
- Blind
RsaSha384PSS Randomized - RSABSSA-SHA384-PSS-Randomized (RFC 9474 recommended)
- Blind
RsaSha384PSS Zero Deterministic - RSABSSA-SHA384-PSSZERO-Deterministic
- Blind
RsaSha384PSS Zero Randomized - RSABSSA-SHA384-PSSZERO-Randomized
- KeyPair
Sha384PSS Deterministic - Key pair for RSABSSA-SHA384-PSS-Deterministic
- KeyPair
Sha384PSS Randomized - Key pair for RSABSSA-SHA384-PSS-Randomized (RFC 9474 recommended)
- KeyPair
Sha384PSS Zero Deterministic - Key pair for RSABSSA-SHA384-PSSZERO-Deterministic
- KeyPair
Sha384PSS Zero Randomized - Key pair for RSABSSA-SHA384-PSSZERO-Randomized
- Public
KeySha384PSS Deterministic - Public key for RSABSSA-SHA384-PSS-Deterministic
- Public
KeySha384PSS Randomized - Public key for RSABSSA-SHA384-PSS-Randomized (RFC 9474 recommended)
- Public
KeySha384PSS Zero Deterministic - Public key for RSABSSA-SHA384-PSSZERO-Deterministic
- Public
KeySha384PSS Zero Randomized - Public key for RSABSSA-SHA384-PSSZERO-Randomized
- Secret
KeySha384PSS Deterministic - Secret key for RSABSSA-SHA384-PSS-Deterministic
- Secret
KeySha384PSS Randomized - Secret key for RSABSSA-SHA384-PSS-Randomized (RFC 9474 recommended)
- Secret
KeySha384PSS Zero Deterministic - Secret key for RSABSSA-SHA384-PSSZERO-Deterministic
- Secret
KeySha384PSS Zero Randomized - Secret key for RSABSSA-SHA384-PSSZERO-Randomized