OAEP is parameterised by a hash function that is used as a random oracle.

DecryptPKCS1v15 decrypts a plaintext using RSA and the padding scheme from PKCS#1 v1.5.

DecryptPKCS1v15SessionKey decrypts a session key using RSA and the padding scheme from PKCS#1 v1.5.

EncryptOAEP encrypts the given message with RSA-OAEP.

EncryptPKCS1v15 encrypts the given message with RSA and the padding scheme from PKCS#1 v1.5.

GenerateKey generates an RSA keypair of the given bit size using the random source random (for example, crypto/rand.Reader).

GenerateMultiPrimeKey generates a multi-prime RSA keypair of the given bit size and the given random source, as suggested in [1].

SignPKCS1v15 calculates the signature of hashed using RSASSA-PKCS1-V1_5-SIGN from RSA PKCS#1 v1.5.

SignPSS calculates the signature of hashed using RSASSA-PSS [1].

VerifyPKCS1v15 verifies an RSA PKCS#1 v1.5 signature.

VerifyPSS verifies a PSS signature.

PSSSaltLengthAuto causes the salt in a PSS signature to be as large as possible when signing, and to be auto-detected when verifying.

PSSSaltLengthEqualsHash causes the salt length to equal the length of the hash used in the signature.

ErrDecryption represents a failure to decrypt a message.

ErrMessageTooLong is returned when attempting to encrypt a message which is too large for the size of the public key.

ErrVerification represents a failure to verify a signature.

CRTValue contains the precomputed Chinese remainder theorem values.

OAEPOptions is an interface for passing options to OAEP decryption using the crypto.Decrypter interface.

PKCS1v15DecrypterOpts is for passing options to PKCS#1 v1.5 decryption using the crypto.Decrypter interface.

A PrivateKey represents an RSA key.

PSSOptions contains options for creating and verifying PSS signatures.

A PublicKey represents the public part of an RSA key.