diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-04-05 19:51:00 -0500 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-04-20 16:53:02 -0500 |
| commit | 4c0a374dd90cd48c21267e4d8be1ddef8288b29c (patch) | |
| tree | e78af314d7d64e9eb00a624465cbeedbc37dd469 /docs/hazmat/primitives/asymmetric/padding.rst | |
| parent | 16b953a22abf2092f6d428f04141f3e5c9513ce9 (diff) | |
| download | cryptography-4c0a374dd90cd48c21267e4d8be1ddef8288b29c.tar.gz cryptography-4c0a374dd90cd48c21267e4d8be1ddef8288b29c.tar.bz2 cryptography-4c0a374dd90cd48c21267e4d8be1ddef8288b29c.zip | |
docs, tests, general huge improvements to RSA decryption
Diffstat (limited to 'docs/hazmat/primitives/asymmetric/padding.rst')
| -rw-r--r-- | docs/hazmat/primitives/asymmetric/padding.rst | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/docs/hazmat/primitives/asymmetric/padding.rst b/docs/hazmat/primitives/asymmetric/padding.rst index 89af7eaa..0c2f7ce7 100644 --- a/docs/hazmat/primitives/asymmetric/padding.rst +++ b/docs/hazmat/primitives/asymmetric/padding.rst @@ -10,6 +10,21 @@ Padding correct padding signatures can be forged, messages decrypted, and private keys compromised. +.. class:: OAEP(mgf, label) + + .. versionadded:: 0.4 + + OAEP (Optimal Asymmetric Encryption Padding) is a padding scheme defined in + :rfc:`3447`. It provides probabilistic encryption and is `proven secure`_ + against several attack types. This is the `recommended padding algorithm`_ + for RSA encryption. It cannot be used with RSA signing. + + :param mgf: A mask generation function object. At this time the only + supported MGF is :class:`MGF1`. + + :param bytes label: A label to apply. This is a rarely used field and many + backends do not support it. + .. class:: PSS(mgf, salt_length) .. versionadded:: 0.3 @@ -19,7 +34,8 @@ Padding PSS (Probabilistic Signature Scheme) is a signature scheme defined in :rfc:`3447`. It is more complex than PKCS1 but possesses a `security proof`_. - This is the `recommended padding algorithm`_ for RSA signatures. + This is the `recommended padding algorithm`_ for RSA signatures. It cannot + be used with RSA encryption. :param mgf: A mask generation function object. At this time the only supported MGF is :class:`MGF1`. @@ -37,7 +53,8 @@ Padding .. versionadded:: 0.3 PKCS1 v1.5 (also known as simply PKCS1) is a simple padding scheme - developed for use with RSA keys. It is defined in :rfc:`3447`. + developed for use with RSA keys. It is defined in :rfc:`3447`. This padding + can be used for signing and encryption. Mask generation functions ~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -58,5 +75,6 @@ Mask generation functions .. _`Padding is critical`: http://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/ +.. _`proven secure`: http://cseweb.ucsd.edu/users/mihir/papers/oae.pdf .. _`security proof`: http://eprint.iacr.org/2001/062.pdf .. _`recommended padding algorithm`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html |