Module Rsa.OAEP

OAEP-padded encryption, as defined by PKCS #1 v2.1.

The same hash function is used for padding and MGF. MGF is MGF1 as defined in PKCS #1 2.1.

Keys must have a minimum of 2 + 2 * hlen + len(message) bytes, where hlen is the hash length.

Parameters

module H : Digestif.S

Signature

val encrypt : ?g:Mirage_crypto_rng.g -> ?label:string -> key:pub -> string -> string

encrypt ~g ~label ~key message is OAEP-padded and encrypted message, using the optional label.

val decrypt : ?crt_hardening:bool -> ?mask:mask -> ?label:string -> key:priv -> string -> string option

decrypt ~crt_hardening ~mask ~label ~key ciphertext is Some message if the ciphertext was produced by the corresponding encrypt operation, or None otherwise. crt_hardening defaults to false.