Skip to content

Latest commit

 

History

History
86 lines (66 loc) · 2.79 KB

utils.rst

File metadata and controls

86 lines (66 loc) · 2.79 KB
Raw

Asymmetric Utilities

cryptography.hazmat.primitives.asymmetric.utils

decode_dss_signature(signature)

Takes in signatures generated by the DSA/ECDSA signers and returns a tuple (r, s). These signatures are ASN.1 encoded Dss-Sig-Value sequences (as defined in 3279)

param bytes signature

The signature to decode.

returns

The decoded tuple (r, s).

raises ValueError

Raised if the signature is malformed.

encode_dss_signature(r, s)

Creates an ASN.1 encoded Dss-Sig-Value (as defined in 3279) from raw r and s values.

param int r

The raw signature value r.

param int s

The raw signature value s.

return bytes

The encoded signature.

1.6

Prehashed can be passed as the algorithm in the RSA ~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey.sign and ~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey.verify as well as DSA ~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey.sign and ~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey.verify methods.

For elliptic curves it can be passed as the algorithm in ~cryptography.hazmat.primitives.asymmetric.ec.ECDSA and then used with ~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign and ~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify .

param algorithm

An instance of ~cryptography.hazmat.primitives.hashes.HashAlgorithm.

>>> import hashlib >>> from cryptography.hazmat.primitives import hashes >>> from cryptography.hazmat.primitives.asymmetric import ( ... padding, rsa, utils ... ) >>> private_key = rsa.generate_private_key( ... public_exponent=65537, ... key_size=2048, ... ) >>> prehashed_msg = hashlib.sha256(b"A message I want to sign").digest() >>> signature = private_key.sign( ... prehashed_msg, ... padding.PSS( ... mgf=padding.MGF1(hashes.SHA256()), ... salt_length=padding.PSS.MAX_LENGTH ... ), ... utils.Prehashed(hashes.SHA256()) ... ) >>> public_key = private_key.public_key() >>> public_key.verify( ... signature, ... prehashed_msg, ... padding.PSS( ... mgf=padding.MGF1(hashes.SHA256()), ... salt_length=padding.PSS.MAX_LENGTH ... ), ... utils.Prehashed(hashes.SHA256()) ... )