ó õùPc@sƒdZdZddgZddlZddlmZddlmZmZm Z ddl Tdd d „ƒYZ d „Z d „Z dS( sr RSA digital signature protocol according to PKCS#1 v1.5 See RFC3447__ or the `original RSA Labs specification`__. This scheme is more properly called ``RSASSA-PKCS1-v1_5``. For example, a sender may authenticate a message using SHA-1 like this: >>> from Crypto.Signature import PKCS1_v1_5 >>> from Crypto.Hash import SHA >>> from Crypto.PublicKey import RSA >>> >>> message = 'To be signed' >>> key = RSA.importKey(open('privkey.der').read()) >>> h = SHA.new(message) >>> signer = PKCS1_v1_5.new(key) >>> signature = signer.sign(h) At the receiver side, verification can be done using the public part of the RSA key: >>> key = RSA.importKey(open('pubkey.der').read()) >>> h = SHA.new(message) >>> verifier = PKCS1_v1_5.new(key) >>> if verifier.verify(h, signature): >>> print "The signature is authentic." >>> else: >>> print "The signature is not authentic." :undocumented: __revision__, __package__ .. __: http://www.ietf.org/rfc/rfc3447.txt .. __: http://www.rsa.com/rsalabs/node.asp?id=2125 s$Id$tnewtPKCS115_SigSchemeiÿÿÿÿN(tceil_div(t DerSequencetDerNulltDerOctetString(t*cBs2eZdZd„Zd„Zd„Zd„ZRS(sLThis signature scheme can perform PKCS#1 v1.5 RSA signature or verification.cCs ||_dS(sInitialize this PKCS#1 v1.5 signature scheme object. :Parameters: key : an RSA key object If a private half is given, both signature and verification are possible. If a public half is given, only verification is possible. N(t_key(tselftkey((s6..\python\site-packages\Crypto\Signature\PKCS1_v1_5.pyt__init__GscCs |jjƒS(sCReturn True if this cipher object can be used for signing messages.(Rt has_private(R((s6..\python\site-packages\Crypto\Signature\PKCS1_v1_5.pytcan_signQscCsmtjjj|jjƒ}t|dƒ}t||ƒ}|jj|ƒ}t dƒ|t |ƒ|}|S(szProduce the PKCS#1 v1.5 signature of a message. This function is named ``RSASSA-PKCS1-V1_5-SIGN``, and is specified in section 8.2.1 of RFC3447. :Parameters: mhash : hash object The hash that was carried out over the message. This is an object belonging to the `Crypto.Hash` module. :Return: The signature encoded as a string. :Raise ValueError: If the RSA key length is not sufficiently long to deal with the given hash algorithm. :Raise TypeError: If the RSA key has no private half. ii( tCryptotUtiltnumbertsizeRtnRtEMSA_PKCS1_V1_5_ENCODEtdecrypttbchrtlen(RtmhashtmodBitstktemtmtS((s6..\python\site-packages\Crypto\Signature\PKCS1_v1_5.pytsignUs cCs©tjjj|jjƒ}t|dƒ}t|ƒ|kr@dS|jj|dƒd}t dƒ|t|ƒ|}yt ||ƒ}Wnt k rždSX||kS(s†Verify that a certain PKCS#1 v1.5 signature is authentic. This function checks if the party holding the private half of the key really signed the message. This function is named ``RSASSA-PKCS1-V1_5-VERIFY``, and is specified in section 8.2.2 of RFC3447. :Parameters: mhash : hash object The hash that was carried out over the message. This is an object belonging to the `Crypto.Hash` module. S : string The signature that needs to be validated. :Return: True if verification is correct. False otherwise. ii( R RRRRRRRtencryptRRt ValueError(RRRRRRtem1tem2((s6..\python\site-packages\Crypto\Signature\PKCS1_v1_5.pytverifyus (t__name__t __module__t__doc__R R RR!(((s6..\python\site-packages\Crypto\Signature\PKCS1_v1_5.pyRDs   cCs½t|jtƒjƒgƒ}t|jƒƒ}t|jƒ|jƒgƒjƒ}|t|ƒdkrƒtdt|ƒƒ‚ntdƒ|t|ƒd}t dƒ|tdƒ|S(s@ Implement the ``EMSA-PKCS1-V1_5-ENCODE`` function, as defined in PKCS#1 v2.1 (RFC3447, 9.2). ``EMSA-PKCS1-V1_5-ENCODE`` actually accepts the message ``M`` as input, and hash it internally. Here, we expect that the message has already been hashed instead. :Parameters: hash : hash object The hash object that holds the digest of the message being signed. emLen : int The length the final encoding must have, in bytes. :attention: the early standard (RFC2313) stated that ``DigestInfo`` had to be BER-encoded. This means that old signatures might have length tags in indefinite form, which is not supported in DER. Such encoding cannot be reproduced by this function. :attention: the same standard defined ``DigestAlgorithm`` to be of ``AlgorithmIdentifier`` type, where the PARAMETERS item is optional. Encodings for ``MD2/4/5`` without ``PARAMETERS`` cannot be reproduced by this function. :Return: An ``emLen`` byte long string that encodes the hash. i s8Selected hash algorith has a too long digest (%d bytes).iÿiti( RtoidRtencodeRtdigestRRRtb(thashtemLent digestAlgoR(t digestInfotPS((s6..\python\site-packages\Crypto\Signature\PKCS1_v1_5.pyR£s0 cCs t|ƒS(sHReturn a signature scheme object `PKCS115_SigScheme` that can be used to perform PKCS#1 v1.5 signature or verification. :Parameters: key : RSA key object The key to use to sign or verify the message. This is a `Crypto.PublicKey.RSA` object. Signing is only possible if *key* is a private RSA key. (R(R ((s6..\python\site-packages\Crypto\Signature\PKCS1_v1_5.pyRás ((R$t __revision__t__all__tCrypto.Util.numberR RtCrypto.Util.asn1RRRtCrypto.Util.py3compatRRR(((s6..\python\site-packages\Crypto\Signature\PKCS1_v1_5.pyt:s   _ >