Rsa.OAEP
OAEP-padded encryption, as defined by PKCS #1 v2.1.
The same hash function is used for padding and MGF. MGF is MGF1 as defined in PKCS #1 2.1.
Keys must have a minimum of 2 + 2 * hlen + len(message)
bytes, where hlen
is the hash length.
module H : Mirage_crypto.Hash.S
val encrypt :
?g:Mirage_crypto_rng.g ->
?label:Cstruct.t ->
key:pub ->
Cstruct.t ->
Cstruct.t
encrypt ~g ~label ~key message
is OAEP-padded and encrypted message
, using the optional label
.
val decrypt :
?crt_hardening:bool ->
?mask:mask ->
?label:Cstruct.t ->
key:priv ->
Cstruct.t ->
Cstruct.t option
decrypt ~crt_hardening ~mask ~label ~key ciphertext
is Some message
if the ciphertext
was produced by the corresponding encrypt operation, or None
otherwise. crt_hardening
defaults to false
.