Portability | Good |
---|---|
Stability | experimental |
Maintainer | Vincent Hanquez <vincent@snarc.org> |
Safe Haskell | None |
- data Error
- data PublicKey = PublicKey {}
- data PrivateKey = PrivateKey {}
- data Blinder = Blinder !Integer !Integer
- generateWith :: (Integer, Integer) -> Int -> Integer -> Maybe (PublicKey, PrivateKey)
- generate :: CPRG g => g -> Int -> Integer -> ((PublicKey, PrivateKey), g)
- generateBlinder :: CPRG g => g -> Integer -> (Blinder, g)
Documentation
error possible during encryption, decryption or signing.
MessageSizeIncorrect | the message to decrypt is not of the correct size (need to be == private_size) |
MessageTooLong | the message to encrypt is too long |
MessageNotRecognized | the message decrypted doesn't have a PKCS15 structure (0 2 .. 0 msg) |
SignatureTooLong | the message's digest is too long |
InvalidParameters | some parameters lead to breaking assumptions. |
data PrivateKey
Represent a RSA private key.
Only the pub, d fields are mandatory to fill.
p, q, dP, dQ, qinv are by-product during RSA generation, but are useful to record here to speed up massively the decrypt and sign operation.
implementations can leave optional fields to 0.
PrivateKey | |
|
Blinder which is used to obfuscate the timing of the decryption primitive (used by decryption and signing).
generation function
:: (Integer, Integer) | chosen distinct primes p and q |
-> Int | size in bytes |
-> Integer | RSA public exponant |
-> Maybe (PublicKey, PrivateKey) |
Generate a key pair given p and q.
p and q need to be distinct prime numbers.
e need to be coprime to phi=(p-1)*(q-1). If that's not the case, the function will not return a key pair. A small hamming weight results in better performance.
- e=0x10001 is a popular choice
- e=3 is popular as well, but proven to not be as secure for some cases.
:: CPRG g | |
=> g | CPRG |
-> Int | size in bytes |
-> Integer | RSA public exponant |
-> ((PublicKey, PrivateKey), g) |
generate a pair of (private, public) key of size in bytes.
Generate a blinder to use with decryption and signing operation
the unique parameter apart from the random number generator is the public key value N.