rsa/lib.rs
1#![cfg_attr(not(test), no_std)]
2#![cfg_attr(docsrs, feature(doc_auto_cfg))]
3#![doc = include_str!("../README.md")]
4#![doc(html_logo_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo_small.png")]
5#![warn(missing_docs)]
6
7//! # Supported algorithms
8//!
9//! This crate supports several schemes described in [RFC8017]:
10//!
11//! - [OAEP encryption scheme](#oaep-encryption)
12//! - [PKCS#1 v1.5 encryption scheme](#pkcs1-v15-encryption)
13//! - [PKCS#1 v1.5 signature scheme](#pkcs1-v15-signatures)
14//! - [PSS signature scheme](#pss-signatures)
15//!
16//! These schemes are described below.
17//!
18//! # Usage
19//!
20//! ## OAEP encryption
21//!
22//! Note: requires `sha2` feature of `rsa` crate is enabled.
23//!
24#![cfg_attr(feature = "sha2", doc = "```")]
25#![cfg_attr(not(feature = "sha2"), doc = "```ignore")]
26//! use rsa::{RsaPrivateKey, RsaPublicKey, Oaep, sha2::Sha256};
27//!
28//! let mut rng = rand::thread_rng(); // rand@0.8
29//!
30//! let bits = 2048;
31//! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
32//! let public_key = RsaPublicKey::from(&private_key);
33//!
34//! // Encrypt
35//! let data = b"hello world";
36//! let padding = Oaep::new::<Sha256>();
37//! let enc_data = public_key.encrypt(&mut rng, padding, &data[..]).expect("failed to encrypt");
38//! assert_ne!(&data[..], &enc_data[..]);
39//!
40//! // Decrypt
41//! let padding = Oaep::new::<Sha256>();
42//! let dec_data = private_key.decrypt(padding, &enc_data).expect("failed to decrypt");
43//! assert_eq!(&data[..], &dec_data[..]);
44//! ```
45//!
46//! ## PKCS#1 v1.5 encryption
47//! ```
48//! use rsa::{RsaPrivateKey, RsaPublicKey, Pkcs1v15Encrypt};
49//!
50//! let mut rng = rand::thread_rng(); // rand@0.8
51//!
52//! let bits = 2048;
53//! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
54//! let public_key = RsaPublicKey::from(&private_key);
55//!
56//! // Encrypt
57//! let data = b"hello world";
58//! let enc_data = public_key.encrypt(&mut rng, Pkcs1v15Encrypt, &data[..]).expect("failed to encrypt");
59//! assert_ne!(&data[..], &enc_data[..]);
60//!
61//! // Decrypt
62//! let dec_data = private_key.decrypt(Pkcs1v15Encrypt, &enc_data).expect("failed to decrypt");
63//! assert_eq!(&data[..], &dec_data[..]);
64//! ```
65//!
66//! ## PKCS#1 v1.5 signatures
67//!
68//! Note: requires `sha2` feature of `rsa` crate is enabled.
69//!
70#![cfg_attr(feature = "sha2", doc = "```")]
71#![cfg_attr(not(feature = "sha2"), doc = "```ignore")]
72//! use rsa::RsaPrivateKey;
73//! use rsa::pkcs1v15::{SigningKey, VerifyingKey};
74//! use rsa::signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier};
75//! use rsa::sha2::{Digest, Sha256};
76//!
77//! let mut rng = rand::thread_rng(); // rand@0.8
78//!
79//! let bits = 2048;
80//! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
81//! let signing_key = SigningKey::<Sha256>::new(private_key);
82//! let verifying_key = signing_key.verifying_key();
83//!
84//! // Sign
85//! let data = b"hello world";
86//! let signature = signing_key.sign_with_rng(&mut rng, data);
87//! assert_ne!(signature.to_bytes().as_ref(), data.as_slice());
88//!
89//! // Verify
90//! verifying_key.verify(data, &signature).expect("failed to verify");
91//! ```
92//!
93//! ## PSS signatures
94//!
95//! Note: requires `sha2` feature of `rsa` crate is enabled.
96//!
97#![cfg_attr(feature = "sha2", doc = "```")]
98#![cfg_attr(not(feature = "sha2"), doc = "```ignore")]
99//! use rsa::RsaPrivateKey;
100//! use rsa::pss::{BlindedSigningKey, VerifyingKey};
101//! use rsa::signature::{Keypair,RandomizedSigner, SignatureEncoding, Verifier};
102//! use rsa::sha2::{Digest, Sha256};
103//!
104//! let mut rng = rand::thread_rng(); // rand@0.8
105//!
106//! let bits = 2048;
107//! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
108//! let signing_key = BlindedSigningKey::<Sha256>::new(private_key);
109//! let verifying_key = signing_key.verifying_key();
110//!
111//! // Sign
112//! let data = b"hello world";
113//! let signature = signing_key.sign_with_rng(&mut rng, data);
114//! assert_ne!(signature.to_bytes().as_ref(), data);
115//!
116//! // Verify
117//! verifying_key.verify(data, &signature).expect("failed to verify");
118//! ```
119//!
120//! ## PKCS#1 RSA Key Encoding
121//!
122//! PKCS#1 supports a legacy format for encoding RSA keys as binary (DER) or
123//! text (PEM) data.
124//!
125//! You can recognize PEM encoded PKCS#1 keys because they have "RSA * KEY" in
126//! the type label, e.g.:
127//!
128//! ```text
129//! -----BEGIN RSA PRIVATE KEY-----
130//! ```
131//!
132//! Most modern applications use the newer PKCS#8 format instead (see below).
133//!
134//! The following traits can be used to decode/encode [`RsaPrivateKey`] and
135//! [`RsaPublicKey`] as PKCS#1. Note that [`pkcs1`] is re-exported from the
136//! toplevel of the `rsa` crate:
137//!
138//! - [`pkcs1::DecodeRsaPrivateKey`]: decode RSA private keys from PKCS#1
139//! - [`pkcs1::EncodeRsaPrivateKey`]: encode RSA private keys to PKCS#1
140//! - [`pkcs1::DecodeRsaPublicKey`]: decode RSA public keys from PKCS#1
141//! - [`pkcs1::EncodeRsaPublicKey`]: encode RSA public keys to PKCS#1
142//!
143//! ### Example
144//!
145//! ```
146//! # fn main() -> Result<(), Box<dyn std::error::Error>> {
147//! # #[cfg(all(feature = "pem", feature = "std"))]
148//! # {
149//! use rsa::{RsaPublicKey, pkcs1::DecodeRsaPublicKey};
150//!
151//! let pem = "-----BEGIN RSA PUBLIC KEY-----
152//! MIIBCgKCAQEAtsQsUV8QpqrygsY+2+JCQ6Fw8/omM71IM2N/R8pPbzbgOl0p78MZ
153//! GsgPOQ2HSznjD0FPzsH8oO2B5Uftws04LHb2HJAYlz25+lN5cqfHAfa3fgmC38Ff
154//! wBkn7l582UtPWZ/wcBOnyCgb3yLcvJrXyrt8QxHJgvWO23ITrUVYszImbXQ67YGS
155//! 0YhMrbixRzmo2tpm3JcIBtnHrEUMsT0NfFdfsZhTT8YbxBvA8FdODgEwx7u/vf3J
156//! 9qbi4+Kv8cvqyJuleIRSjVXPsIMnoejIn04APPKIjpMyQdnWlby7rNyQtE4+CV+j
157//! cFjqJbE/Xilcvqxt6DirjFCvYeKYl1uHLwIDAQAB
158//! -----END RSA PUBLIC KEY-----";
159//!
160//! let public_key = RsaPublicKey::from_pkcs1_pem(pem)?;
161//! # }
162//! # Ok(())
163//! # }
164//! ```
165//!
166//! ## PKCS#8 RSA Key Encoding
167//!
168//! PKCS#8 is a private key format with support for multiple algorithms.
169//! Like PKCS#1, it can be encoded as binary (DER) or text (PEM).
170//!
171//! You can recognize PEM encoded PKCS#8 keys because they *don't* have
172//! an algorithm name in the type label, e.g.:
173//!
174//! ```text
175//! -----BEGIN PRIVATE KEY-----
176//! ```
177//!
178//! The following traits can be used to decode/encode [`RsaPrivateKey`] and
179//! [`RsaPublicKey`] as PKCS#8. Note that [`pkcs8`] is re-exported from the
180//! toplevel of the `rsa` crate:
181//!
182//! - [`pkcs8::DecodePrivateKey`]: decode private keys from PKCS#8
183//! - [`pkcs8::EncodePrivateKey`]: encode private keys to PKCS#8
184//! - [`pkcs8::DecodePublicKey`]: decode public keys from PKCS#8
185//! - [`pkcs8::EncodePublicKey`]: encode public keys to PKCS#8
186//!
187//! ### Example
188//!
189//! ```
190//! # fn main() -> Result<(), Box<dyn std::error::Error>> {
191//! # #[cfg(all(feature = "pem", feature = "std"))]
192//! # {
193//! use rsa::{RsaPublicKey, pkcs8::DecodePublicKey};
194//!
195//! let pem = "-----BEGIN PUBLIC KEY-----
196//! MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsQsUV8QpqrygsY+2+JC
197//! Q6Fw8/omM71IM2N/R8pPbzbgOl0p78MZGsgPOQ2HSznjD0FPzsH8oO2B5Uftws04
198//! LHb2HJAYlz25+lN5cqfHAfa3fgmC38FfwBkn7l582UtPWZ/wcBOnyCgb3yLcvJrX
199//! yrt8QxHJgvWO23ITrUVYszImbXQ67YGS0YhMrbixRzmo2tpm3JcIBtnHrEUMsT0N
200//! fFdfsZhTT8YbxBvA8FdODgEwx7u/vf3J9qbi4+Kv8cvqyJuleIRSjVXPsIMnoejI
201//! n04APPKIjpMyQdnWlby7rNyQtE4+CV+jcFjqJbE/Xilcvqxt6DirjFCvYeKYl1uH
202//! LwIDAQAB
203//! -----END PUBLIC KEY-----";
204//!
205//! let public_key = RsaPublicKey::from_public_key_pem(pem)?;
206//! # }
207//! # Ok(())
208//! # }
209//! ```
210//!
211//! [RFC8017]: https://datatracker.ietf.org/doc/html/rfc8017#section-8.1
212//!
213// TODO(tarcieri): figure out why rustdoc isn't rendering these links correctly
214//! [`pkcs8::DecodePublicKey`]: https://docs.rs/pkcs8/latest/pkcs8/trait.DecodePublicKey.html
215//! [`pkcs8::EncodePublicKey`]: https://docs.rs/pkcs8/latest/pkcs8/trait.EncodePublicKey.html
216
217#[cfg(doctest)]
218pub struct ReadmeDoctests;
219
220#[macro_use]
221extern crate alloc;
222#[cfg(feature = "std")]
223extern crate std;
224
225pub use num_bigint::BigUint;
226pub use rand_core;
227pub use signature;
228
229mod algorithms;
230pub mod errors;
231pub mod oaep;
232pub mod pkcs1v15;
233pub mod pss;
234pub mod traits;
235
236mod dummy_rng;
237mod encoding;
238mod key;
239
240pub use pkcs1;
241pub use pkcs8;
242#[cfg(feature = "sha2")]
243pub use sha2;
244
245pub use crate::{
246 errors::{Error, Result},
247 key::{RsaPrivateKey, RsaPublicKey},
248 oaep::Oaep,
249 pkcs1v15::{Pkcs1v15Encrypt, Pkcs1v15Sign},
250 pss::Pss,
251 traits::keys::CrtValue,
252};
253
254#[cfg(feature = "hazmat")]
255pub mod hazmat;