lua-openssl

• Index

Contents

• Functions

Modules

• asn1
• bio
• bn
• callback
• cipher
• cms
• compat
• dh
• digest
• dsa
• ec
• engine
• hmac
• kdf
• lhash
• mac
• misc
• ocsp
• openssl
• param
• pkcs12
• pkcs7
• pkey
• rsa
• srp
• ssl
• th-lock
• ts
• util
• x509
• x509.algor
• x509.attribute
• x509.crl
• x509.extension
• x509.name
• x509.req
• x509.store

Topics

• README

Module rsa

rsa module for lua-openssl binding

RSA (Rivest-Shamir-Adleman) is a public-key cryptosystem that is widely used for secure data transmission.

The module provides functionality for RSA key generation, encryption, decryption, signing and signature verification.

Usage:

rsa = require('openssl').rsa

Functions

isprivate ()	check if RSA key contains private key components
size ()	get RSA key size in bytes
encrypt (data[, padding="pkcs1"[, use_private]])	encrypt data using RSA key
decrypt (data[, padding="pkcs1"[, use_private]])	decrypt data using RSA private key
sign (message[, digest="sha256"])	create digital signature using RSA private key
verify (message, signature[, digest="sha256"])	verify RSA signature using public key
parse ()	parse RSA key components and parameters
read (data[, private=true])	read RSA key from DER/PEM data
export ([private])	export RSA key to DER format
set_engine (engine)	set RSA engine for cryptographic operations
generate_key ([bits=2048[, e=65537[, eng]]])	generate RSA key pair
padding_add (data, padding, key_size, is_private)	add padding to data for RSA operations
padding_check (data, padding, size)	check and remove padding from data

Functions

isprivate ()

check if RSA key contains private key components

Returns:

boolean true if RSA key is private, false if public only

size ()

get RSA key size in bytes

Returns:

number key size in bytes

encrypt (data[, padding="pkcs1"[, use_private]])

encrypt data using RSA key

Parameters:

• data string data to encrypt
• padding string padding mode (“pkcs1”, “oaep”, “none”) (default "pkcs1")
• use_private boolean true to use private key for encryption (optional)

Returns:

string or nil encrypted data or nil on error

decrypt (data[, padding="pkcs1"[, use_private]])

decrypt data using RSA private key

Parameters:

• data string encrypted data to decrypt
• padding string padding mode (“pkcs1”, “oaep”, “none”) (default "pkcs1")
• use_private boolean true to use private key for decryption (optional)

Returns:

string or nil decrypted data or nil on error

sign (message[, digest="sha256"])

create digital signature using RSA private key

Parameters:

• message string data to sign
• digest string or evp_md algorithm to use (default "sha256")

Returns:

string or nil signature or nil on error

verify (message, signature[, digest="sha256"])

verify RSA signature using public key

Parameters:

• message string original data that was signed
• signature string signature to verify
• digest string or evp_md algorithm used for signing (default "sha256")

Returns:

boolean true if signature is valid, false otherwise

parse ()

parse RSA key components and parameters

Returns:

table RSA key parameters including bits, n, e, d, p, q, and CRT parameters

read (data[, private=true])

read RSA key from DER/PEM data

Parameters:

• data string DER or PEM encoded RSA key data
• private boolean true to read private key, false for public key (default true)

Returns:

rsa or nil RSA key object or nil on error

export ([private])

export RSA key to DER format

Parameters:

• private boolean true to export private key, false for public key (optional)

Returns:

string or nil DER-encoded RSA key or nil on error

set_engine (engine)

set RSA engine for cryptographic operations

Parameters:

• engine engine ENGINE object to use for RSA operations

Returns:

boolean true on success, false on failure

generate_key ([bits=2048[, e=65537[, eng]]])

generate RSA key pair

Parameters:

• bits number key size in bits (default 2048)
• e number public exponent (typically 65537) (default 65537)
• eng engine engine to use for key generation (optional)

Returns:

rsa or nil generated RSA key pair or nil on error

padding_add (data, padding, key_size, is_private)

add padding to data for RSA operations

Parameters:

• data string input data to add padding to
• padding string padding scheme (e.g., “pkcs1”, “oaep”, “x931”, “pss”)
• key_size number or rsa RSA key size in bytes or RSA object
• is_private boolean true for private key padding, false for public key

Returns:

string data with padding added

padding_check (data, padding, size)

check and remove padding from data

Parameters:

• data string padded data to check
• padding string padding mode to check
• size number expected output size

Returns:

string unpadded data or nil if padding check failed