Enum rsa::padding::PaddingScheme [−][src]
pub enum PaddingScheme { PKCS1v15Encrypt, PKCS1v15Sign { hash: Option<Hash>, }, OAEP { digest: Box<dyn DynDigest>, mgf_digest: Box<dyn DynDigest>, label: Option<String>, }, PSS { salt_rng: Box<dyn RngCore>, digest: Box<dyn DynDigest>, salt_len: Option<usize>, }, }
Expand description
Available padding schemes.
Variants
Encryption and Decryption using PKCS1v15 padding.
Sign and Verify using PKCS1v15 padding.
Encryption and Decryption using OAEP padding.
digest
is used to hash the label. The maximum possible plaintext length ism = k - 2 * h_len - 2
, wherek
is the size of the RSA modulus.mgf_digest
specifies the hash function that is used in the MGF1.label
is optional data that can be associated with the message.
The two hash functions can, but don’t need to be the same.
A prominent example is the AndroidKeyStore
.
It uses SHA-1 for mgf_digest
and a user-chosen SHA flavour for digest
.
Sign and Verify using PSS padding.
Implementations
Create a new OAEP PaddingScheme
, using T
as the hash function for the default (empty) label, and U
as the hash function for MGF1.
If a label is needed use PaddingScheme::new_oaep_with_label
or PaddingScheme::new_oaep_with_mgf_hash_with_label
.
Example
use sha1::Sha1; use sha2::Sha256; use rand::rngs::OsRng; use rsa::{BigUint, RSAPublicKey, PaddingScheme, PublicKey}; let n = base64::decode("ALHgDoZmBQIx+jTmgeeHW6KsPOrj11f6CvWsiRleJlQpW77AwSZhd21ZDmlTKfaIHBSUxRUsuYNh7E2SHx8rkFVCQA2/gXkZ5GK2IUbzSTio9qXA25MWHvVxjMfKSL8ZAxZyKbrG94FLLszFAFOaiLLY8ECs7g+dXOriYtBwLUJK+lppbd+El+8ZA/zH0bk7vbqph5pIoiWggxwdq3mEz4LnrUln7r6dagSQzYErKewY8GADVpXcq5mfHC1xF2DFBub7bFjMVM5fHq7RK+pG5xjNDiYITbhLYrbVv3X0z75OvN0dY49ITWjM7xyvMWJXVJS7sJlgmCCL6RwWgP8PhcE=").unwrap(); let e = base64::decode("AQAB").unwrap(); let key = RSAPublicKey::new(BigUint::from_bytes_be(&n), BigUint::from_bytes_be(&e)).unwrap(); let padding = PaddingScheme::new_oaep_with_mgf_hash::<Sha256, Sha1>(); let encrypted_data = key.encrypt(&mut OsRng, padding, b"secret").unwrap();
Create a new OAEP PaddingScheme
, using T
as the hash function for both the default (empty) label and for MGF1.
Example
use sha1::Sha1; use sha2::Sha256; use rand::rngs::OsRng; use rsa::{BigUint, RSAPublicKey, PaddingScheme, PublicKey}; let n = base64::decode("ALHgDoZmBQIx+jTmgeeHW6KsPOrj11f6CvWsiRleJlQpW77AwSZhd21ZDmlTKfaIHBSUxRUsuYNh7E2SHx8rkFVCQA2/gXkZ5GK2IUbzSTio9qXA25MWHvVxjMfKSL8ZAxZyKbrG94FLLszFAFOaiLLY8ECs7g+dXOriYtBwLUJK+lppbd+El+8ZA/zH0bk7vbqph5pIoiWggxwdq3mEz4LnrUln7r6dagSQzYErKewY8GADVpXcq5mfHC1xF2DFBub7bFjMVM5fHq7RK+pG5xjNDiYITbhLYrbVv3X0z75OvN0dY49ITWjM7xyvMWJXVJS7sJlgmCCL6RwWgP8PhcE=").unwrap(); let e = base64::decode("AQAB").unwrap(); let key = RSAPublicKey::new(BigUint::from_bytes_be(&n), BigUint::from_bytes_be(&e)).unwrap(); let padding = PaddingScheme::new_oaep::<Sha256>(); let encrypted_data = key.encrypt(&mut OsRng, padding, b"secret").unwrap();
Create a new OAEP PaddingScheme
with an associated label
, using T
as the hash function for the label, and U
as the hash function for MGF1.
Create a new OAEP PaddingScheme
with an associated label
, using T
as the hash function for both the label and for MGF1.
Trait Implementations
Auto Trait Implementations
impl !RefUnwindSafe for PaddingScheme
impl !Send for PaddingScheme
impl !Sync for PaddingScheme
impl Unpin for PaddingScheme
impl !UnwindSafe for PaddingScheme