You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
89 lines
2.9 KiB
89 lines
2.9 KiB
.. hazmat::
|
|
|
|
Asymmetric Utilities
|
|
====================
|
|
|
|
.. currentmodule:: cryptography.hazmat.primitives.asymmetric.utils
|
|
|
|
|
|
.. function:: decode_dss_signature(signature)
|
|
|
|
Takes in signatures generated by the DSA/ECDSA signers and returns a
|
|
tuple ``(r, s)``. These signatures are ASN.1 encoded ``Dss-Sig-Value``
|
|
sequences (as defined in :rfc:`3279`)
|
|
|
|
:param bytes signature: The signature to decode.
|
|
|
|
:returns: The decoded tuple ``(r, s)``.
|
|
|
|
:raises ValueError: Raised if the signature is malformed.
|
|
|
|
.. function:: encode_dss_signature(r, s)
|
|
|
|
Creates an ASN.1 encoded ``Dss-Sig-Value`` (as defined in :rfc:`3279`) from
|
|
raw ``r`` and ``s`` values.
|
|
|
|
:param int r: The raw signature value ``r``.
|
|
|
|
:param int s: The raw signature value ``s``.
|
|
|
|
:return bytes: The encoded signature.
|
|
|
|
.. class:: Prehashed(algorithm)
|
|
|
|
.. versionadded:: 1.6
|
|
|
|
``Prehashed`` can be passed as the ``algorithm`` in the RSA
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey.sign`
|
|
and
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey.verify`
|
|
as well as DSA
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey.sign`
|
|
and
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey.verify`
|
|
methods.
|
|
|
|
For elliptic curves it can be passed as the ``algorithm`` in
|
|
:class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA` and then used
|
|
with
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign`
|
|
and
|
|
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify`
|
|
.
|
|
|
|
:param algorithm: An instance of
|
|
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
|
|
|
|
.. doctest::
|
|
|
|
>>> import hashlib
|
|
>>> from cryptography.hazmat.backends import default_backend
|
|
>>> from cryptography.hazmat.primitives import hashes
|
|
>>> from cryptography.hazmat.primitives.asymmetric import (
|
|
... padding, rsa, utils
|
|
... )
|
|
>>> private_key = rsa.generate_private_key(
|
|
... public_exponent=65537,
|
|
... key_size=2048,
|
|
... backend=default_backend()
|
|
... )
|
|
>>> prehashed_msg = hashlib.sha256(b"A message I want to sign").digest()
|
|
>>> signature = private_key.sign(
|
|
... prehashed_msg,
|
|
... padding.PSS(
|
|
... mgf=padding.MGF1(hashes.SHA256()),
|
|
... salt_length=padding.PSS.MAX_LENGTH
|
|
... ),
|
|
... utils.Prehashed(hashes.SHA256())
|
|
... )
|
|
>>> public_key = private_key.public_key()
|
|
>>> public_key.verify(
|
|
... signature,
|
|
... prehashed_msg,
|
|
... padding.PSS(
|
|
... mgf=padding.MGF1(hashes.SHA256()),
|
|
... salt_length=padding.PSS.MAX_LENGTH
|
|
... ),
|
|
... utils.Prehashed(hashes.SHA256())
|
|
... )
|