#rsa #encryption #signature #pkcs1 #oaep #pss


A pure Rust implementation of the RSA public key cryptosystem

2 stable releases

Uses new Rust 2021

1.1.0 Nov 1, 2022
1.0.4 Oct 26, 2022
1.0.3 Oct 22, 2022

#538 in Cryptography

48 downloads per month


922 lines


Build Status docs.rs crates.io

A pure Rust implementation of the RSA public key cryptosystem.

The following features are available:

⚠️ This crate has not been audited by any peer and is not production-ready: We encourage you to review the code carefully before using it.


Add the following line to your Cargo.toml dependencies:

rsa-oaep-pss = "1"

Check out the crates.io page to see what is the latest version of this crate.

How to use ?

Keys generation

let (public_key, private_key) = rsa_oaep_pss::generate_rsa_keys(&mut rng, 2048)
    .expect("keys generation error");

Encryption using OAEP scheme

let message = b"some secret";

let mut oaep = rsa_oaep_pss::RsaOaep::new(rand::rngs::OsRng, &sha2::Sha256::new());

let ciphertext = oaep
    .encrypt(&public_key, message)
    .expect("encryption error");

let recovered = oaep
    .decrypt(&private_key, &ciphertext)
    .expect("decryption error");

assert_eq!(recovered, message);

Signature using PSS scheme

let message = b"message to sign";

let mut pss = rsa_oaep_pss::RsaPss::new(rand::rngs::OsRng, &sha2::Sha256::new());

let signature = pss.sign(&private_key, message).expect("signature error");

let verification = pss.verify(&public_key, message, &signature);


Importing and exporting of keys

use rsa_oaep_pss::{FromPem, ToPem};

let pem_public_key = std::fs::read_to_string("public.pem")?;

let public_key = RsaPublicKey::from_pem(&pem_public_key)?;

let re_exported_pem_public_key = public_key.to_pem()?;

assert_eq!(pem_public_key, re_exported_pem_public_key);

You can also use FromDer and ToDer for dealing with raw DER data.

Run the examples

You can run examples contained in the examples folder by using the following command:

cargo run --example <filename> --release 


~42K SLoC