Enum rsa::padding::PaddingScheme

pub enum PaddingScheme {
    PKCS1v15Encrypt,
    PKCS1v15Sign {
        hash_len: Option<usize>,
        prefix: Box<[u8]>,
    },
    OAEP {
        digest: Box<dyn DynDigest + Send + Sync>,
        mgf_digest: Box<dyn DynDigest + Send + Sync>,
        label: Option<String>,
    },
    PSS {
        digest: Box<dyn DynDigest + Send + Sync>,
        salt_len: Option<usize>,
    },
}

Available padding schemes.

Variants

PKCS1v15Encrypt

Encryption and Decryption using PKCS1v15 padding.

PKCS1v15Sign

Fields

hash_len: Option<usize>

Length of hash to use.

prefix: Box<[u8]>

Prefix.

Sign and Verify using PKCS1v15 padding.

OAEP

Fields

digest: Box<dyn DynDigest + Send + Sync>

Digest type to use.

mgf_digest: Box<dyn DynDigest + Send + Sync>

Digest to use for Mask Generation Function (MGF).

label: Option<String>

Optional label.

Encryption and Decryption using OAEP padding.

• digest is used to hash the label. The maximum possible plaintext length is m = k - 2 * h_len - 2, where k is the size of the RSA modulus.
• mgf_digest specifies the hash function that is used in the MGF1.
• label is optional data that can be associated with the message.

The two hash functions can, but don’t need to be the same.

A prominent example is the AndroidKeyStore. It uses SHA-1 for mgf_digest and a user-chosen SHA flavour for digest.

PSS

Fields

digest: Box<dyn DynDigest + Send + Sync>

Digest type to use.

salt_len: Option<usize>

Salt length.

Sign and Verify using PSS padding.

Implementations

impl PaddingScheme

pub fn new_pkcs1v15_encrypt() -> Self

Create new PKCS#1 v1.5 encryption padding.

pub fn new_pkcs1v15_sign_raw() -> Self

Create new PKCS#1 v1.5 padding for computing a raw signature.

This sets hash_len to None and uses an empty prefix.

pub fn new_pkcs1v15_sign<D>() -> Selfwhere
    D: Digest + AssociatedOid,

Create new PKCS#1 v1.5 padding for the given digest.

The digest must have an [AssociatedOid]. Make sure to enable the oid feature of the relevant digest crate.

pub fn new_oaep_with_mgf_hash<T: 'static + Digest + DynDigest + Send + Sync, U: 'static + Digest + DynDigest + Send + Sync>(
) -> Self

Create a new OAEP PaddingScheme, using T as the hash function for the default (empty) label, and U as the hash function for MGF1. If a label is needed use PaddingScheme::new_oaep_with_label or PaddingScheme::new_oaep_with_mgf_hash_with_label.

Example

use sha1::Sha1;
use sha2::Sha256;
use rsa::{BigUint, RsaPublicKey, PaddingScheme, PublicKey};
use base64ct::{Base64, Encoding};

let n = Base64::decode_vec("ALHgDoZmBQIx+jTmgeeHW6KsPOrj11f6CvWsiRleJlQpW77AwSZhd21ZDmlTKfaIHBSUxRUsuYNh7E2SHx8rkFVCQA2/gXkZ5GK2IUbzSTio9qXA25MWHvVxjMfKSL8ZAxZyKbrG94FLLszFAFOaiLLY8ECs7g+dXOriYtBwLUJK+lppbd+El+8ZA/zH0bk7vbqph5pIoiWggxwdq3mEz4LnrUln7r6dagSQzYErKewY8GADVpXcq5mfHC1xF2DFBub7bFjMVM5fHq7RK+pG5xjNDiYITbhLYrbVv3X0z75OvN0dY49ITWjM7xyvMWJXVJS7sJlgmCCL6RwWgP8PhcE=").unwrap();
let e = Base64::decode_vec("AQAB").unwrap();

let mut rng = rand::thread_rng();
let key = RsaPublicKey::new(BigUint::from_bytes_be(&n), BigUint::from_bytes_be(&e)).unwrap();
let padding = PaddingScheme::new_oaep_with_mgf_hash::<Sha256, Sha1>();
let encrypted_data = key.encrypt(&mut rng, padding, b"secret").unwrap();

pub fn new_oaep<T: 'static + Digest + DynDigest + Send + Sync>() -> Self

Create a new OAEP PaddingScheme, using T as the hash function for both the default (empty) label and for MGF1.

Example

use sha1::Sha1;
use sha2::Sha256;
use rsa::{BigUint, RsaPublicKey, PaddingScheme, PublicKey};
use base64ct::{Base64, Encoding};

let n = Base64::decode_vec("ALHgDoZmBQIx+jTmgeeHW6KsPOrj11f6CvWsiRleJlQpW77AwSZhd21ZDmlTKfaIHBSUxRUsuYNh7E2SHx8rkFVCQA2/gXkZ5GK2IUbzSTio9qXA25MWHvVxjMfKSL8ZAxZyKbrG94FLLszFAFOaiLLY8ECs7g+dXOriYtBwLUJK+lppbd+El+8ZA/zH0bk7vbqph5pIoiWggxwdq3mEz4LnrUln7r6dagSQzYErKewY8GADVpXcq5mfHC1xF2DFBub7bFjMVM5fHq7RK+pG5xjNDiYITbhLYrbVv3X0z75OvN0dY49ITWjM7xyvMWJXVJS7sJlgmCCL6RwWgP8PhcE=").unwrap();
let e = Base64::decode_vec("AQAB").unwrap();

let mut rng = rand::thread_rng();
let key = RsaPublicKey::new(BigUint::from_bytes_be(&n), BigUint::from_bytes_be(&e)).unwrap();
let padding = PaddingScheme::new_oaep::<Sha256>();
let encrypted_data = key.encrypt(&mut rng, padding, b"secret").unwrap();

pub fn new_oaep_with_mgf_hash_with_label<T: 'static + Digest + DynDigest + Send + Sync, U: 'static + Digest + DynDigest + Send + Sync, S: AsRef<str>>(
    label: S
) -> Self

Create a new OAEP PaddingScheme with an associated label, using T as the hash function for the label, and U as the hash function for MGF1.

pub fn new_oaep_with_label<T: 'static + Digest + DynDigest + Send + Sync, S: AsRef<str>>(
    label: S
) -> Self

Create a new OAEP PaddingScheme with an associated label, using T as the hash function for both the label and for MGF1.

pub fn new_pss<T: 'static + Digest + DynDigest + Send + Sync>() -> Self

New PSS padding for the given digest.

pub fn new_pss_with_salt<T: 'static + Digest + DynDigest + Send + Sync>(
    len: usize
) -> Self

New PSS padding for the given digest with a salt value of the given length.

Trait Implementations

impl Debug for PaddingScheme

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.