RSA public-key cryptography.
Keys are taken to be trusted material, and their properties are not checked.
Messages are checked not to exceed the key size, and this is signalled via exceptions.
Private-key operations are optionally protected through RSA blinding.
Raised if the key is too small to transform the given message, i.e. if the numerical interpretation of the (potentially padded) message is not smaller than the modulus.
It is additionally raised if the message is 0 and the mode does not involve padding.
type priv = {e : Z.t;Public exponent
*)d : Z.t;Private exponent
*)n : Z.t;Modulus
*)p : Z.t;Prime factor p
q : Z.t;Prime factor q
dp : Z.t;d mod (p-1)
dq : Z.t;d mod (q-1)
q' : Z.t;q^(-1) mod p
}Private key (two-factor version).
Sexplib convertible.
Masking (cryptographic blinding) option.
val pub_bits : pub -> intBit-size of a public key.
val priv_bits : priv -> intBit-size of a private key.
priv_of_primes e p q creates priv from a minimal description: the public exponent and the two primes.
decrypt mask key ciphertext is the decrypted ciphertext, left-padded with 0x00 up to key size.
generate g e bits is a new priv. e defaults to 2^16+1.
module PKCS1 : sig ... endPKCS v1.5-padded operations, as defined by PKCS #1 v1.5.