Module PKCS1_v1_5
RSA digital signature protocol according to PKCS#1 v1.5
See RFC3447 or the original RSA Labs specification.
This scheme is more properly called RSASSA-PKCS1-v1_5.
For example, a sender may authenticate a message using SHA-1 like
this:
>>> from Crypto.Signature import PKCS1_v1_5
>>> from Crypto.Hash import SHA
>>> from Crypto.PublicKey import RSA
>>>
>>> message = 'To be signed'
>>> key = RSA.importKey(open('privkey.der').read())
>>> h = SHA.new(message)
>>> signer = PKCS1_v1_5.new(key)
>>> signature = signer.sign(h)
At the receiver side, verification can be done using the public part of
the RSA key:
>>> key = RSA.importKey(open('pubkey.der').read())
>>> h = SHA.new(message)
>>> verifier = PKCS1_v1_5.new(key)
>>> if verifier.verify(h, signature):
>>> print "The signature is authentic."
>>> else:
>>> print "The signature is not authentic."
|
PKCS115_SigScheme
This signature scheme can perform PKCS#1 v1.5 RSA signature or verification.
|
|
EMSA_PKCS1_V1_5_ENCODE(hash,
emLen)
Implement the EMSA-PKCS1-V1_5-ENCODE function, as defined
in PKCS#1 v2.1 (RFC3447, 9.2). |
|
|
|
new(key)
Return a signature scheme object PKCS115_SigScheme that
can be used to perform PKCS#1 v1.5 signature or verification. |
|
|
EMSA_PKCS1_V1_5_ENCODE(hash,
emLen)
|
|
Implement the EMSA-PKCS1-V1_5-ENCODE function, as defined
in PKCS#1 v2.1 (RFC3447, 9.2).
EMSA-PKCS1-V1_5-ENCODE actually accepts the message M as input,
and hash it internally. Here, we expect that the message has already
been hashed instead.
- Parameters:
hash (hash object) - The hash object that holds the digest of the message being signed.
emLen (int) - The length the final encoding must have, in bytes.
- Returns:
- An emLen byte long string that encodes the hash.
Attention:
-
the early standard (RFC2313) stated that DigestInfo
had to be BER-encoded. This means that old signatures
might have length tags in indefinite form, which
is not supported in DER. Such encoding cannot be
reproduced by this function.
-
the same standard defined DigestAlgorithm to be
of AlgorithmIdentifier type, where the PARAMETERS
item is optional. Encodings for MD2/4/5 without
PARAMETERS cannot be reproduced by this function.
|
Return a signature scheme object PKCS115_SigScheme that
can be used to perform PKCS#1 v1.5 signature or verification.
- Parameters:
key (RSA key object) - The key to use to sign or verify the message. This is a Crypto.PublicKey.RSA object.
Signing is only possible if key is a private RSA key.
|