diff --git a/Assignment 7 - SGX Hands-on/rsa/rsa.c b/Assignment 7 - SGX Hands-on/rsa/rsa.c
new file mode 100644
index 0000000..c00eb95
--- /dev/null
+++ b/Assignment 7 - SGX Hands-on/rsa/rsa.c	
@@ -0,0 +1,143 @@
+#include "rsa.h"
+#include <gmp.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+static int random_prime(mpz_t prime, const size_t size) {
+    u8 tmp[size];
+    FILE *urandom = fopen("/dev/urandom", "rb");
+    
+    if((urandom == NULL) || (prime == NULL))
+        return 0;
+
+    fread(tmp, 1, size, urandom);
+    mpz_import(prime, size, 1, 1, 1, 0, tmp);
+    mpz_nextprime(prime, prime);
+
+    fclose(urandom);
+    return 1;
+}
+
+static int rsa_keygen(rsa_key *key) {
+    if(key == NULL)
+        return 0;
+
+    // init bignums
+    mpz_init_set_ui(key->e, 65537);
+    mpz_inits(key->p, key->q, key->n, key->d, NULL);
+    
+    // prime gen
+    if ((!random_prime(key->p, MODULUS_SIZE/2)) || (!random_prime(key->q, MODULUS_SIZE/2)))
+        return 0;
+
+    //printf("%d\n", mpz_probab_prime_p(key->p, 50));
+    //printf("%d\n", mpz_probab_prime_p(key->q, 50));
+
+    // compute n
+    mpz_mul(key->n, key->p, key->q);
+
+    // compute phi(n)
+    mpz_t phi_n; mpz_init(phi_n);
+    mpz_sub_ui(key->p, key->p, 1);
+    mpz_sub_ui(key->q, key->q, 1);
+    mpz_mul(phi_n, key->p, key->q);
+    mpz_add_ui(key->p, key->p, 1);
+    mpz_add_ui(key->q, key->q, 1);
+    
+    // compute d
+    if(mpz_invert(key->d, key->e, phi_n) == 0) {
+        return 0;
+    }
+    
+    // free temporary phi_n and return true
+    mpz_clear(phi_n);
+    return 1;
+}
+
+int rsa_init(rsa_key *key) {
+    if(1) {
+        return rsa_keygen(key);
+    } else {
+        // TODO: get from sealing
+    }
+}
+
+void rsa_free(rsa_key *key) {
+    // free bignums
+    mpz_clears(key->p, key->q, key->n, key->e, key->d, NULL);
+}
+
+static int pkcs1(mpz_t message, const u8 *data, const size_t length) {
+    // temporary buffer
+    u8 padded_bytes[MODULUS_SIZE];
+
+    // calculate padding size (how many 0xff bytes)
+    size_t padding_length = MODULUS_SIZE - length - 3;
+
+    if ((padding_length < 8) || (message == NULL)) {
+        // message to big
+        // or null pointer
+        return 0;
+    }
+
+    // set padding bytes
+    padded_bytes[0] = 0x00;
+    padded_bytes[1] = 0x01;
+    padded_bytes[2 + padding_length] = 0x00;
+
+    for (size_t i = 2; i < padding_length + 2; i++) {
+        padded_bytes[i] = 0xff;
+    }
+
+    // copy message bytes
+    memcpy(padded_bytes + padding_length + 3, data, length);
+
+    // convert padded message to mpz_t
+    mpz_import(message, MODULUS_SIZE, 1, 1, 0, 0, padded_bytes);
+    return 1;
+}
+
+// TODO RSA Blinding
+int rsa_sign(u8 *sig, const u8 *sha256, const rsa_key *key) {
+    // null pointer handling
+    if((sig == NULL) || (sha256 == NULL) || (key == NULL))
+        return 0;
+    
+    // init bignum message
+    mpz_t message; mpz_init(message);
+
+    // add padding
+    if(!pkcs1(message, sha256, 32)) {
+        return 0;
+    }
+
+    // compute signature
+    mpz_powm(message, message, key->d, key->n);
+
+    // export signature
+    size_t size = (mpz_sizeinbase(message, 2) + 7) / 8;
+    mpz_export(sig, &size, 1, 1, 0, 0, message);
+
+    // free bignum and return true
+    mpz_clear(message);
+    return 1;
+}
+
+// TODO
+int rsa_verify(const u8 *sig, const u8 *sha256, rsa_public_key *pk) {
+    // null pointer handling
+    if((sig == NULL) || (sha256 == NULL) || (pk == NULL))
+        return 0;
+
+
+    return 1;
+}
+
+void rsa_print(rsa_key *key) {
+    gmp_printf("%Zu\n", key->p);
+    gmp_printf("%Zu\n", key->q);
+    gmp_printf("%Zu\n", key->n);
+    gmp_printf("%Zu\n", key->e);
+    gmp_printf("%Zu\n", key->d);
+}
\ No newline at end of file
diff --git a/Assignment 7 - SGX Hands-on/rsa/rsa.h b/Assignment 7 - SGX Hands-on/rsa/rsa.h
new file mode 100644
index 0000000..2ca1582
--- /dev/null
+++ b/Assignment 7 - SGX Hands-on/rsa/rsa.h	
@@ -0,0 +1,37 @@
+#ifndef RSA_H
+#define RSA_H
+
+#include <gmp.h>
+#include <stdint.h>
+
+#ifndef MODULUS_SIZE
+#define MODULUS_SIZE 256ULL
+#endif
+
+typedef uint8_t u8;
+typedef uint16_t u16;
+typedef uint32_t u32;
+typedef uint64_t u64;
+
+typedef struct {
+    mpz_t p;
+    mpz_t q;
+    mpz_t n;
+    mpz_t e;
+    mpz_t d;
+} rsa_key;
+
+typedef struct {
+    mpz_t e;
+    mpz_t n;
+} rsa_public_key;
+
+void rsa_print(rsa_key *key);
+
+int rsa_init(rsa_key *key);
+void rsa_free(rsa_key *key);
+
+int rsa_sign(u8 *sig, const u8 *sha256, const rsa_key *key);
+int rsa_verify(const u8 *sig, const u8* sha256, rsa_public_key *pk);
+
+#endif
\ No newline at end of file