Rsa.PKCS1
PKCS v1.5 operations, as defined by PKCS #1 v1.5.
For the operations that only add the raw padding, the key size must be at least 11 bytes larger than the message. For full signing, the minimal key size varies according to the hash algorithm. In this case, the key size is priv_bits key / 8
, rounded up.
val encrypt : ?g:Mirage_crypto_rng.g -> key:pub -> string -> string
encrypt g key message
is a PKCS1-padded (type 2) and encrypted message
.
decrypt ~crt_hardening ~mask ~key ciphertext
is Some message
if the ciphertext
was produced by the corresponding encrypt operation, or None
otherwise. crt_hardening
defaults to false
.
sig_encode ~crt_hardening ~mask ~key message
is the PKCS1-padded (type 1) message
signed by the key
. crt_hardening
defaults to true
and verifies that the computed signature is correct.
Note This operation performs only the padding and RSA transformation steps of the PKCS 1.5 signature. The full signature is implemented by sign
.
val sig_decode : key:pub -> string -> string option
sig_decode key signature
is Some message
when the signature
was produced with the given key
as per sig_encode, or None
min_key hash
is the minimum key size required by sign
.
val sign :
?crt_hardening:bool ->
?mask:mask ->
hash:[< Digestif.hash' MD5 SHA1 SHA224 SHA256 SHA384 SHA512 ] ->
key:priv ->
string or_digest ->
string
sign ~crt_hardening ~mask ~hash ~key message
is the PKCS 1.5 signature of message
, signed by the key
, using the hash function hash
. This is the full signature, with the ASN-encoded message digest as the payload. crt_hardening
defaults to true
and verifies that the computed signature is correct.
message
is either the actual message, or its digest.
val verify :
hashp:([< Digestif.hash' MD5 SHA1 SHA224 SHA256 SHA384 SHA512 ] -> bool) ->
key:pub ->
signature:string ->
string or_digest ->
bool
verify ~hashp ~key ~signature message
checks that signature
is the PKCS 1.5 signature of the message
under the given key
.
message
is either the actual message, or its digest.
hashp
determines the allowed hash algorithms. Whenever hashp
is false
, verify
is also false
.