A probabilistic digital signature scheme based on RSA.
It is more formally called RSASSA-PSS
in Section 8.1 of RFC8017.
The following example shows how the sender can use its own private key (loaded from a file) to create the signature of a message:
>>> from Crypto.Signature import pss >>> from Crypto.Hash import SHA256 >>> from Crypto.PublicKey import RSA >>> >>> message = b'To be signed' >>> key = RSA.import_key(open('privkey.der', 'rb').read()) >>> h = SHA256.new(message) >>> signature = pss.new(key).sign(h)
At the receiver side, the matching public RSA key is used to verify authenticity of the incoming message:
>>> key = RSA.import_key(open('pubkey.der', 'rb').read()) >>> h = SHA256.new(message) >>> verifier = pss.new(key) >>> try: >>> verifier.verify(h, signature) >>> print("The signature is authentic.") >>> except (ValueError): >>> print("The signature is not authentic.")
.. automodule:: Crypto.Signature.pss :members: