The Crypto.Signature
package contains algorithms for performing digital signatures, used to guarantee integrity and non-repudiation.
Digital signatures are based on public key cryptography: the party that signs a message holds the private key, the one that verifies the signature holds the public key.
- Instantiate a new signer object for the desired algorithm, for instance with
Crypto.Signature.pkcs1_15.new
. The first parameter is the key object (private key) obtained via theCrypto.PublicKey
module. - Instantiate a cryptographic hash object, for instance with
Crypto.Hash.SHA384.new
. Then, process the message with itsupdate
method. - Invoke the
sign
method on the signer with the hash object as parameter. The output is the signature of the message (a byte string).
- Instantiate a new verifier object for the desired algorithm, for instance with
Crypto.Signature.pkcs1_15.new
. The first parameter is the key object (public key) obtained via theCrypto.PublicKey
module. - Instantiate a cryptographic hash object, for instance with
Crypto.Hash.SHA384.new
. Then, process the message with itsupdate
method. - Invoke the
verify
method on the verifier, with the hash object and the incoming signature as parameters. If the message is not authentic, an :pyValueError
is raised.
pkcs1_v1_5
pkcs1_pss
dsa