B Bd\R½!ã@sbdZdZddgZddlZddlmZddlmZmZm Z ddl TGd d„dƒZ d d „Z d d„Z dS) ar RSA digital signature protocol according to PKCS#1 v1.5 See RFC3447__ or the `original RSA Labs specification`__. This scheme is more properly called ``RSASSA-PKCS1-v1_5``. For example, a sender may authenticate a message using SHA-1 like this: >>> from Crypto.Signature import PKCS1_v1_5 >>> from Crypto.Hash import SHA >>> from Crypto.PublicKey import RSA >>> >>> message = 'To be signed' >>> key = RSA.importKey(open('privkey.der').read()) >>> h = SHA.new(message) >>> signer = PKCS1_v1_5.new(key) >>> signature = signer.sign(h) At the receiver side, verification can be done using the public part of the RSA key: >>> key = RSA.importKey(open('pubkey.der').read()) >>> h = SHA.new(message) >>> verifier = PKCS1_v1_5.new(key) >>> if verifier.verify(h, signature): >>> print "The signature is authentic." >>> else: >>> print "The signature is not authentic." :undocumented: __revision__, __package__ .. __: http://www.ietf.org/rfc/rfc3447.txt .. __: http://www.rsa.com/rsalabs/node.asp?id=2125 z$Id$ÚnewÚPKCS115_SigSchemeéN)Úceil_div)Ú DerSequenceÚDerNullÚDerOctetString)Ú*c@s0eZdZdZdd„Zdd„Zdd„Zdd „Zd S) rzLThis signature scheme can perform PKCS#1 v1.5 RSA signature or verification.cCs ||_dS)aInitialize this PKCS#1 v1.5 signature scheme object. :Parameters: key : an RSA key object If a private half is given, both signature and verification are possible. If a public half is given, only verification is possible. N)Ú_key)ÚselfÚkey©r úN/opt/alt/python37/lib64/python3.7/site-packages/Crypto/Signature/PKCS1_v1_5.pyÚ__init__GszPKCS115_SigScheme.__init__cCs |j ¡S)zCReturn True if this cipher object can be used for signing messages.)r Z has_private)r r r r Úcan_signQszPKCS115_SigScheme.can_signcCsNtjj |jj¡}t|dƒ}t||ƒ}|j |¡}t dƒ|t |ƒ|}|S)azProduce the PKCS#1 v1.5 signature of a message. This function is named ``RSASSA-PKCS1-V1_5-SIGN``, and is specified in section 8.2.1 of RFC3447. :Parameters: mhash : hash object The hash that was carried out over the message. This is an object belonging to the `Crypto.Hash` module. :Return: The signature encoded as a string. :Raise ValueError: If the RSA key length is not sufficiently long to deal with the given hash algorithm. :Raise TypeError: If the RSA key has no private half. ér) ÚCryptoÚUtilÚnumberÚsizer ÚnrÚEMSA_PKCS1_V1_5_ENCODEZdecryptÚbchrÚlen)r ÚmhashÚmodBitsÚkZemÚmÚSr r r ÚsignUs    zPKCS115_SigScheme.signcCs‚tjj |jj¡}t|dƒ}t|ƒ|kr,dS|j |d¡d}t dƒ|t|ƒ|}yt ||ƒ}Wnt k rxdSX||kS)a†Verify that a certain PKCS#1 v1.5 signature is authentic. This function checks if the party holding the private half of the key really signed the message. This function is named ``RSASSA-PKCS1-V1_5-VERIFY``, and is specified in section 8.2.2 of RFC3447. :Parameters: mhash : hash object The hash that was carried out over the message. This is an object belonging to the `Crypto.Hash` module. S : string The signature that needs to be validated. :Return: True if verification is correct. False otherwise. rr) rrrrr rrrZencryptrrÚ ValueError)r rrrrrZem1Zem2r r r Úverifyus  zPKCS115_SigScheme.verifyN)Ú__name__Ú __module__Ú __qualname__Ú__doc__rrrr r r r r rDs   cCsˆt|jtƒ ¡gƒ}t| ¡ƒ}t| ¡| ¡gƒ ¡}|t|ƒdkrXtdt|ƒƒ‚tdƒ|t|ƒd}t dƒ|tdƒ|S)a@ Implement the ``EMSA-PKCS1-V1_5-ENCODE`` function, as defined in PKCS#1 v2.1 (RFC3447, 9.2). ``EMSA-PKCS1-V1_5-ENCODE`` actually accepts the message ``M`` as input, and hash it internally. Here, we expect that the message has already been hashed instead. :Parameters: hash : hash object The hash object that holds the digest of the message being signed. emLen : int The length the final encoding must have, in bytes. :attention: the early standard (RFC2313) stated that ``DigestInfo`` had to be BER-encoded. This means that old signatures might have length tags in indefinite form, which is not supported in DER. Such encoding cannot be reproduced by this function. :attention: the same standard defined ``DigestAlgorithm`` to be of ``AlgorithmIdentifier`` type, where the PARAMETERS item is optional. Encodings for ``MD2/4/5`` without ``PARAMETERS`` cannot be reproduced by this function. :Return: An ``emLen`` byte long string that encodes the hash. é z8Selected hash algorith has a too long digest (%d bytes).éÿézr) rZoidrÚencoderÚdigestrrrÚb)ÚhashZemLenZ digestAlgor)Z digestInfoZPSr r r r£s0 rcCst|ƒS)aHReturn a signature scheme object `PKCS115_SigScheme` that can be used to perform PKCS#1 v1.5 signature or verification. :Parameters: key : RSA key object The key to use to sign or verify the message. This is a `Crypto.PublicKey.RSA` object. Signing is only possible if *key* is a private RSA key. )r)r r r r rás )r$Z __revision__Ú__all__ZCrypto.Util.numberrrZCrypto.Util.asn1rrrZCrypto.Util.py3compatrrrr r r r Ú:s _>