Skip to main content

rsa/traits/
padding.rs

1//! Supported padding schemes.
2
3#[cfg(feature = "alloc")]
4use alloc::vec::Vec;
5
6use rand_core::TryCryptoRng;
7
8use crate::errors::Result;
9#[cfg(feature = "alloc")]
10use crate::key::RsaPrivateKey;
11use crate::traits::modular::CtModulusParams;
12use crate::traits::{PublicKeyParts, UnsignedModularInt};
13
14/// Padding scheme used for encryption.
15pub trait PaddingScheme {
16    /// Decrypt the given message using the given private key.
17    ///
18    /// If an `rng` is passed, it uses RSA blinding to help mitigate timing
19    /// side-channel attacks.
20    #[cfg(feature = "alloc")]
21    fn decrypt<Rng: TryCryptoRng + ?Sized>(
22        self,
23        rng: Option<&mut Rng>,
24        priv_key: &RsaPrivateKey,
25        ciphertext: &[u8],
26    ) -> Result<Vec<u8>>;
27
28    /// Encrypt the given message using the given public key.
29    #[cfg(feature = "alloc")]
30    fn encrypt<Rng, K, T>(self, rng: &mut Rng, pub_key: &K, msg: &[u8]) -> Result<Vec<u8>>
31    where
32        Rng: TryCryptoRng + ?Sized,
33        T: UnsignedModularInt,
34        K: PublicKeyParts<T>,
35        K::MontyParams: CtModulusParams;
36}
37
38/// Digital signature scheme.
39pub trait SignatureScheme {
40    /// Sign the given digest.
41    #[cfg(feature = "alloc")]
42    fn sign<Rng: TryCryptoRng + ?Sized>(
43        self,
44        rng: Option<&mut Rng>,
45        priv_key: &RsaPrivateKey,
46        hashed: &[u8],
47    ) -> Result<Vec<u8>>;
48
49    /// Verify a signed message.
50    ///
51    /// `hashed` must be the result of hashing the input using the hashing function
52    /// passed in through `hash`.
53    ///
54    /// If the message is valid `Ok(())` is returned, otherwise an `Err` indicating failure.
55    fn verify<K, T>(self, pub_key: &K, hashed: &[u8], sig: &[u8]) -> Result<()>
56    where
57        T: UnsignedModularInt,
58        K: PublicKeyParts<T>;
59}