Lib.rs

Cryptography
#rsa #encryption #security #crypto

no-std rsa_ext

Pure Rust RSA implementation

by Friedel Ziegelmayer, RustCrypto Developers. Owned by Caisin.

3 releases

0.1.2 Nov 30, 2022
0.1.1 Nov 30, 2022
0.1.0 Nov 30, 2022

#1285 in Cryptography

25 downloads per month

MIT/Apache

170KB
3.5K SLoC

RSA

crates.io Documentation Build Status minimum rustc 1.57 Project Chat dependency status

A portable RSA implementation in pure Rust.

⚠️ WARNING: This crate has been audited by a 3rd party, but a full blog post with the results and the updates made since the audit has not been officially released yet. See #60 for more information.

Example

use rsa::{PublicKey, RsaPrivateKey, RsaPublicKey, PaddingScheme};

let mut rng = rand::thread_rng();
let bits = 2048;
let priv_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
let pub_key = RsaPublicKey::from(&priv_key);

// Encrypt
let data = b"hello world";
let enc_data = pub_key.encrypt(&mut rng, PaddingScheme::new_pkcs1v15_encrypt(), &data[..]).expect("failed to encrypt");
assert_ne!(&data[..], &enc_data[..]);

// Decrypt
let dec_data = priv_key.decrypt(PaddingScheme::new_pkcs1v15_encrypt(), &enc_data).expect("failed to decrypt");
assert_eq!(&data[..], &dec_data[..]);

Note: If you encounter unusually slow key generation time while using RsaPrivateKey::new you can try to compile in release mode or add the following to your Cargo.toml. Key generation is much faster when building with higher optimization levels, but this will increase the compile time a bit.

[profile.debug]
opt-level = 3

If you don't want to turn on optimizations for all dependencies, you can only optimize the num-bigint-dig dependency. This should give most of the speedups.

[profile.dev.package.num-bigint-dig]
opt-level = 3

Status

Currently at Phase 1 (v) 🚧

There will be three phases before 1.0 🚢 can be released.

  1. 🚧 Make it work
    • Prime generation ✅
    • Key generation ✅
    • PKCS1v1.5: Encryption & Decryption ✅
    • PKCS1v1.5: Sign & Verify ✅
    • PKCS1v1.5 (session key): Encryption & Decryption
    • OAEP: Encryption & Decryption
    • PSS: Sign & Verify
    • Key import & export
  2. 🚀 Make it fast
    • Benchmarks ✅
    • compare to other implementations 🚧
    • optimize 🚧
  3. 🔐 Make it secure
    • Fuzz testing
    • Security Audits

Minimum Supported Rust Version (MSRV)

All crates in this repository support Rust 1.57 or higher. In future minimally supported version of Rust can be changed, but it will be done with a minor version bump.

License

Licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~3.5MB
~70K SLoC