[solved] Which crates to use for RSA key pair generation and signing/verification

It seems like in openssl, you can generate RSA keys and enc/decrypt (https://docs.rs/openssl/0.10.7/openssl/rsa/struct.Rsa.html) but not sign, while in ring, you can only sign/verify but not
generate or enc/decrypt (https://docs.rs/ring/0.13.0-alpha/ring/signature/index.html#signing-and-verifying-with-rsa-pkcs1-15-padding).

So if I wanted to generate a key and use it to sign something, I would need openssl to generate it and ring to do the signing? One tiny problem: https://docs.rs/ring/0.13.0-alpha/ring/signature/struct.RSAKeyPair.html you can’t just feed the public and private keys to ring::signature::RSAKeyPair - it has to first be formatted with some format.
So it seems like I would need 3 different libraries for this (assuming there is some library for formatting it in PKCS#8 or DER)?

Edit: Oh it seems like signing would rather be done throught this module https://docs.rs/openssl/0.10.7/openssl/sign/index.html - openssl it is then.

1 Like

I used OpenSSL for https://github.com/frehberg/wasm-sign
Maybe useful as sample for you :wink:

1 Like