crypto-pubkey-0.2.8: Public Key cryptography

LicenseBSD-style
MaintainerVincent Hanquez <vincent@snarc.org>
Stabilityexperimental
PortabilityGood
Safe HaskellNone
LanguageHaskell98

Crypto.PubKey.RSA

Contents

Description

 

Synopsis

Documentation

data Error Source

error possible during encryption, decryption or signing.

Constructors

MessageSizeIncorrect

the message to decrypt is not of the correct size (need to be == private_size)

MessageTooLong

the message to encrypt is too long

MessageNotRecognized

the message decrypted doesn't have a PKCS15 structure (0 2 .. 0 msg)

SignatureTooLong

the message's digest is too long

InvalidParameters

some parameters lead to breaking assumptions.

Instances

data PublicKey :: *

Represent a RSA public key

Constructors

PublicKey 

Fields

public_size :: Int

size of key in bytes

public_n :: Integer

public p*q

public_e :: Integer

public exponant e

data PrivateKey :: *

Represent a RSA private key.

Only the pub, d fields are mandatory to fill.

p, q, dP, dQ, qinv are by-product during RSA generation, but are useful to record here to speed up massively the decrypt and sign operation.

implementations can leave optional fields to 0.

Constructors

PrivateKey 

Fields

private_pub :: PublicKey

public part of a private key (size, n and e)

private_d :: Integer

private exponant d

private_p :: Integer

p prime number

private_q :: Integer

q prime number

private_dP :: Integer

d mod (p-1)

private_dQ :: Integer

d mod (q-1)

private_qinv :: Integer

q^(-1) mod p

data Blinder Source

Blinder which is used to obfuscate the timing of the decryption primitive (used by decryption and signing).

Constructors

Blinder !Integer !Integer 

Instances

generation function

generateWith Source

Arguments

:: (Integer, Integer)

chosen distinct primes p and q

-> Int

size in bytes

-> Integer

RSA public exponant e

-> Maybe (PublicKey, PrivateKey) 

Generate a key pair given p and q.

p and q need to be distinct prime numbers.

e need to be coprime to phi=(p-1)*(q-1). If that's not the case, the function will not return a key pair. A small hamming weight results in better performance.

  • e=0x10001 is a popular choice
  • e=3 is popular as well, but proven to not be as secure for some cases.

generate Source

Arguments

:: CPRG g 
=> g

CPRG

-> Int

size in bytes

-> Integer

RSA public exponant e

-> ((PublicKey, PrivateKey), g) 

generate a pair of (private, public) key of size in bytes.

generateBlinder Source

Arguments

:: CPRG g 
=> g

CPRG to use.

-> Integer

RSA public N parameter.

-> (Blinder, g) 

Generate a blinder to use with decryption and signing operation

the unique parameter apart from the random number generator is the public key value N.