libp2p/crypto/rsa

    Dark Mode
Search:
Group by:
  Source   Edit

This module implements constant-time RSA PKCS#1.5 DSA.

This module uses unmodified parts of code from BearSSL library <https://bearssl.org/> Copyright(C) 2018 Thomas Pornin <pornin@bolet.org>.

Types

RsaError = enum
  RsaGenError, RsaKeyIncorrectError, RsaSignatureError, RsaLowSecurityError
  Source   Edit
RsaPrivateKey = ref object
  buffer*: seq[byte]
  seck*: rsa.RsaPrivateKey
  pubk*: rsa.RsaPublicKey
  pexp*: ptr byte
  pexplen*: uint
  Source   Edit
RsaPublicKey = ref object
  buffer*: seq[byte]
  key*: rsa.RsaPublicKey
  Source   Edit
RsaResult[T] = Result[T, RsaError]
  Source   Edit
RsaSignature = ref object
  buffer*: seq[byte]
  Source   Edit

Consts

DefaultKeySize = 3072
Default RSA key size in bits.   Source   Edit
DefaultPublicExponent = 65537'u32
Default value for RSA public exponent. https://golang.org/src/crypto/rsa/rsa.go#226   Source   Edit
RsaOidSha1 = [5'u, 0x0000002B, 0x0000000E, 0x00000003, 0x00000002, 0x0000001A]
RSA PKCS#1.5 SHA-1 hash object identifier.   Source   Edit
RsaOidSha224 = [9'u, 0x00000060, 0x00000086, 0x00000048, 0x00000001, 0x00000065,
                0x00000003, 0x00000004, 0x00000002, 0x00000004]
RSA PKCS#1.5 SHA-224 hash object identifier.   Source   Edit
RsaOidSha256 = [9'u, 0x00000060, 0x00000086, 0x00000048, 0x00000001, 0x00000065,
                0x00000003, 0x00000004, 0x00000002, 0x00000001]
RSA PKCS#1.5 SHA-256 hash object identifier.   Source   Edit
RsaOidSha384 = [9'u, 0x00000060, 0x00000086, 0x00000048, 0x00000001, 0x00000065,
                0x00000003, 0x00000004, 0x00000002, 0x00000002]
RSA PKCS#1.5 SHA-384 hash object identifier.   Source   Edit
RsaOidSha512 = [9'u, 0x00000060, 0x00000086, 0x00000048, 0x00000001, 0x00000065,
                0x00000003, 0x00000004, 0x00000002, 0x00000003]
RSA PKCS#1.5 SHA-512 hash object identifier.   Source   Edit

Procs

proc `$`(key: RsaPrivateKey): string {....raises: [], tags: [].}
Return string representation of RSA private key.   Source   Edit
proc `$`(key: RsaPublicKey): string {....raises: [], tags: [].}
Return string representation of RSA public key.   Source   Edit
proc `$`(sig: RsaSignature): string {....raises: [], tags: [].}
Return string representation of RSA signature.   Source   Edit
proc `==`(a, b: RsaPrivateKey): bool {....raises: [], tags: [].}

Compare two RSA private keys for equality.

Result is true if a and b are both nil or a and b are equal by value.

  Source   Edit
proc `==`(a, b: RsaPublicKey): bool {....raises: [], tags: [].}
Compare two RSA public keys for equality.   Source   Edit
proc `==`(a, b: RsaSignature): bool {....raises: [], tags: [].}
Compare two RSA signatures for equality.   Source   Edit
proc clear[T: RsaPKI | RsaKeyPair](pki: var T) {....raises: [].}
Wipe and clear EC private key, public key or scalar object.   Source   Edit
proc copy[T: RsaPKI](key: T): T {....raises: [].}
Create copy of RSA private key, public key or signature.   Source   Edit
proc getBytes(key: RsaPrivateKey): RsaResult[seq[byte]] {....raises: [], tags: [].}
Serialize RSA private key key to ASN.1 DER binary form and return it.   Source   Edit
proc getBytes(key: RsaPublicKey): RsaResult[seq[byte]] {....raises: [], tags: [].}
Serialize RSA public key key to ASN.1 DER binary form and return it.   Source   Edit
proc getBytes(sig: RsaSignature): RsaResult[seq[byte]] {....raises: [], tags: [].}
Serialize RSA signature sig to raw binary form and return it.   Source   Edit
proc getPublicKey(key: RsaPrivateKey): RsaPublicKey {....raises: [], tags: [].}
Get RSA public key from RSA private key.   Source   Edit
proc init(key: var RsaPrivateKey; data: openArray[byte]): Result[void, Asn1Error] {.
    ...raises: [], tags: [].}

Initialize RSA private key key from ASN.1 DER binary representation data.

Procedure returns Asn1Status.

  Source   Edit
proc init(key: var RsaPublicKey; data: openArray[byte]): Result[void, Asn1Error] {.
    ...raises: [], tags: [].}

Initialize RSA public key key from ASN.1 DER binary representation data.

Procedure returns Asn1Status.

  Source   Edit
proc init(sig: var RsaSignature; data: openArray[byte]): Result[void, Asn1Error] {.
    ...raises: [], tags: [].}

Initialize RSA signature sig from ASN.1 DER binary representation data.

Procedure returns Result[void, Asn1Status].

  Source   Edit
proc init(t: typedesc[RsaPrivateKey]; data: openArray[byte]): RsaResult[
    RsaPrivateKey] {....raises: [].}
Initialize RSA private key from ASN.1 DER binary representation data and return constructed object.   Source   Edit
proc init(t: typedesc[RsaPublicKey]; data: openArray[byte]): RsaResult[
    RsaPublicKey] {....raises: [].}
Initialize RSA public key from ASN.1 DER binary representation data and return constructed object.   Source   Edit
proc init(t: typedesc[RsaSignature]; data: openArray[byte]): RsaResult[
    RsaSignature] {....raises: [].}
Initialize RSA signature from raw binary representation data and return constructed object.   Source   Edit
proc init[T: RsaPKI](sospk: var T; data: string): Result[void, Asn1Error] {.
    inline, ...raises: [].}

Initialize EC private key, public key or scalar sospk from hexadecimal string representation data.

Procedure returns Result[void, Asn1Status].

  Source   Edit
proc init[T: RsaPKI](t: typedesc[T]; data: string): T {.inline, ...raises: [].}
Initialize RSA private key, public key or signature from hexadecimal string representation data and return constructed object.   Source   Edit
proc pubkey(pair: RsaKeyPair): RsaPublicKey {.inline, ...raises: [], tags: [].}
Get RSA public key from pair pair.   Source   Edit
proc random[T: RsaKP](t: typedesc[T]; rng: Rng; bits = DefaultKeySize;
                      pubexp = DefaultPublicExponent): RsaResult[T] {....raises: [].}

Generate new random RSA private key using BearSSL's HMAC-SHA256-DRBG algorithm.

bits number of bits in RSA key, must be in range [2048, 4096] (default = 3072).

pubexp is RSA public exponent, which must be prime (default = 3).

  Source   Edit
proc seckey(pair: RsaKeyPair): RsaPrivateKey {.inline, ...raises: [], tags: [].}
Get RSA private key from pair pair.   Source   Edit
proc sign[T: byte | char](key: RsaPrivateKey; message: openArray[T]): RsaResult[
    RsaSignature] {....gcsafe, raises: [].}
Get RSA PKCS1.5 signature of data message using SHA256 and private key key.   Source   Edit
proc toBytes(key: RsaPrivateKey; data: var openArray[byte]): RsaResult[int] {.
    ...raises: [], tags: [].}

Serialize RSA private key key to ASN.1 DER binary form and store it to data.

Procedure returns number of bytes (octets) needed to store RSA private key, or 0 if private key is is incorrect.

  Source   Edit
proc toBytes(key: RsaPublicKey; data: var openArray[byte]): RsaResult[int] {.
    ...raises: [], tags: [].}

Serialize RSA public key key to ASN.1 DER binary form and store it to data.

Procedure returns number of bytes (octets) needed to store RSA public key, or 0 if public key is incorrect.

  Source   Edit
proc toBytes(sig: RsaSignature; data: var openArray[byte]): RsaResult[int] {.
    ...raises: [], tags: [].}

Serialize RSA signature sig to raw binary form and store it to data.

Procedure returns number of bytes (octets) needed to store RSA public key, or 0 if public key is incorrect.

  Source   Edit
proc verify[T: byte | char](sig: RsaSignature; message: openArray[T];
                            pubkey: RsaPublicKey): bool {.inline, ...raises: [].}

Verify RSA signature sig using public key pubkey and data message.

Return true if message verification succeeded, false if verification failed.

  Source   Edit

Templates

template getArray(bs, os, ls: untyped): untyped
  Source   Edit