%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib64/python2.7/site-packages/Crypto/Signature/
Upload File :
Create Path :
Current File : //lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyc

�
Bd\Rc@s�dZddlmZdZddgZddlTejddkreejd	d	kreddlTndd
l	Z
ddl	mZmZm
Z
ddlmZddd
��YZd�Zd�Zd�Zd
d
d�Zd
S(s�RSA digital signature protocol with appendix according to PKCS#1 PSS.

See RFC3447__ or the `original RSA Labs specification`__.

This scheme is more properly called ``RSASSA-PSS``.

For example, a sender may authenticate a message using SHA-1 and PSS like
this:

    >>> from Crypto.Signature import PKCS1_PSS
    >>> from Crypto.Hash import SHA
    >>> from Crypto.PublicKey import RSA
    >>> from Crypto import Random
    >>>
    >>> message = 'To be signed'
    >>> key = RSA.importKey(open('privkey.der').read())
    >>> h = SHA.new()
    >>> h.update(message)
    >>> signer = PKCS1_PSS.new(key)
    >>> signature = PKCS1_PSS.sign(key)

At the receiver side, verification can be done like using the public part of
the RSA key:

    >>> key = RSA.importKey(open('pubkey.der').read())
    >>> h = SHA.new()
    >>> h.update(message)
    >>> verifier = PKCS1_PSS.new(key)
    >>> if verifier.verify(h, signature):
    >>>     print "The signature is authentic."
    >>> else:
    >>>     print "The signature is not authentic."

:undocumented: __revision__, __package__

.. __: http://www.ietf.org/rfc/rfc3447.txt
.. __: http://www.rsa.com/rsalabs/node.asp?id=2125
i����(t
nested_scopess$Id$tnewt
PSS_SigScheme(t*iiiN(t
ceil_shifttceil_divt
long_to_bytes(tstrxorcBs2eZdZd�Zd�Zd�Zd�ZRS(sKThis signature scheme can perform PKCS#1 PSS RSA signature or verification.cCs||_||_||_dS(s!Initialize this PKCS#1 PSS signature scheme object.
        
        :Parameters:
         key : an RSA key object
                If a private half is given, both signature and verification are possible.
                If a public half is given, only verification is possible.
         mgfunc : callable
                A mask generation function that accepts two parameters: a string to
                use as seed, and the lenth of the mask to generate, in bytes.
         saltLen : int
                Length of the salt, in bytes.
        N(t_keyt_saltLent_mgfunc(tselftkeytmgfunctsaltLen((s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyt__init__Os
		cCs
|jj�S(sCReturn True if this cipher object can be used for signing messages.(Rthas_private(R((s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pytcan_sign`sc
s�|jj}|jdkr'�j}n	|j}|jrE|j}n�fd�}tjjj	|jj
�}t|d�}t�|d|||�}|jj
|�}td�|t|�|}	|	S(sBProduce the PKCS#1 PSS signature of a message.
    
        This function is named ``RSASSA-PSS-SIGN``, and is specified in
        section 8.1.1 of RFC3447.
    
        :Parameters:
         mhash : hash object
                The hash that was carried out over the message. This is an object
                belonging to the `Crypto.Hash` module.
   
        :Return: The PSS signature encoded as a string.
        :Raise ValueError:
            If the RSA key length is not sufficiently long to deal with the given
            hash algorithm.
        :Raise TypeError:
            If the RSA key has no private half.
    
        :attention: Modify the salt length and the mask generation function only
                    if you know what you are doing.
                    The receiver must use the same parameters too.
        cst||��S(N(tMGF1(txty(tmhash(s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyt<lambda>�siiiN(Rt	_randfuncR	tNonetdigest_sizeR
tCryptotUtiltnumbertsizetnRtEMSA_PSS_ENCODEtdecrypttbchrtlen(
RRtrandfunctsLentmgftmodBitstktemtmtS((Rs@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pytsignds		c
s|jdkr�j}n	|j}|jr9|j}n�fd�}tjjj|jj	�}t
|d�}t|�|kr�tS|jj
|d�d}t
|dd�}td�|t|�|}y t�||d||�}	Wntk
rtSX|	S(s�Verify that a certain PKCS#1 PSS signature is authentic.
    
        This function checks if the party holding the private half of the given
        RSA key has really signed the message.
    
        This function is called ``RSASSA-PSS-VERIFY``, and is specified in section
        8.1.2 of RFC3447.
    
        :Parameters:
         mhash : hash object
                The hash that was carried out over the message. This is an object
                belonging to the `Crypto.Hash` module.
         S : string
                The signature that needs to be validated.
    
        :Return: True if verification is correct. False otherwise.
        cst||��S(N(R(RR(R(s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyR�siiiN(R	RRR
RRRRRRRR"tFalsetencryptR!tEMSA_PSS_VERIFYt
ValueError(
RRR*R$R%R&R'R(temLentresult((Rs@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pytverify�s$		 
(t__name__t
__module__t__doc__RRR+R2(((s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyRLs
			0cCs{td�}xLtt||j��D]2}t|d�}||j||�j�}q%Wt|�|ksst�|| S(s,Mask Generation Function, described in B.2.1ti(	tbtxrangeRRRRtdigestR"tAssertionError(tmgfSeedtmaskLenthashtTtcountertc((s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyR�s!cCsYt|d�}d}x*td||�D]}|d?dB}q*W||j|dkrhtd��ntd�}|r�|dkr�||�}n|jtd�d|j�|�}	td�|||jdtd�|}
||	j�||jd�}t|
|�}tt	|d�|@�|d}||	j�td�}
|
S(	s%
    Implement the ``EMSA-PSS-ENCODE`` function, as defined
    in PKCS#1 v2.1 (RFC3447, 9.1.1).

    The original ``EMSA-PSS-ENCODE`` actually accepts the message ``M`` as input,
    and hash it internally. Here, we expect that the message has already
    been hashed instead.

    :Parameters:
     mhash : hash object
            The hash object that holds the digest of the message being signed.
     emBits : int
            Maximum length of the final encoding, in bits.
     randFunc : callable
            An RNG function that accepts as only parameter an int, and returns
            a string of random bytes, to be used as salt.
     mgf : callable
            A mask generation function that accepts two parameters: a string to
            use as seed, and the lenth of the mask to generate, in bytes.
     sLen : int
            Length of the salt, in bytes.

    :Return: An ``emLen`` byte long string that encodes the hash
            (with ``emLen = \ceil(emBits/8)``).

    :Raise ValueError:
        When digest or salt length are too big.
    iiii�is6Digest or salt length are too long for given key size.R6i�(
RR8RR/R7RR!R9Rtbord(RtemBitstrandFuncR%R$R0tlmasktitsaltthtdbtdbMasktmaskedDBR(((s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyR�s '- #cCs�t|d�}d}x*td||�D]}|d?dB}q*W||j|dkr]tSt|d�dkrwtS|||jd }|||jdd!}	|t|d�@r�tS||	||jd�}
t||
�}tt|d�|@�|d}|jtd�||j|dtd��s>tSt	d�}|r^||}n|j
td�d|j�|�j�}
|	|
kr�tStS(	s�
    Implement the ``EMSA-PSS-VERIFY`` function, as defined
    in PKCS#1 v2.1 (RFC3447, 9.1.2).

    ``EMSA-PSS-VERIFY`` actually accepts the message ``M`` as input,
    and hash it internally. Here, we expect that the message has already
    been hashed instead.

    :Parameters:
     mhash : hash object
            The hash object that holds the digest of the message to be verified.
     em : string
            The signature to verify, therefore proving that the sender really signed
            the message that was received.
     emBits : int
            Length of the final encoding (em), in bits.
     mgf : callable
            A mask generation function that accepts two parameters: a string to
            use as seed, and the lenth of the mask to generate, in bytes.
     sLen : int
            Length of the salt, in bytes.

    :Return: 0 if the encoding is consistent, 1 if it is inconsistent.

    :Raise ValueError:
        When digest or salt length are too big.
    iiii�ii����i�R6(
RR8RR,tordRARR!t
startswithR7RR9tTrue(RR(RBR%R$R0RDRERJRGRIRHRFthp((s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyR.
s0#2-cCst|||�S(s�Return a signature scheme object `PSS_SigScheme` that
    can be used to perform PKCS#1 PSS signature or verification.

    :Parameters:
     key : RSA key object
        The key to use to sign or verify the message. This is a `Crypto.PublicKey.RSA` object.
        Signing is only possible if *key* is a private RSA key.
     mgfunc : callable
        A mask generation function that accepts two parameters: a string to
        use as seed, and the lenth of the mask to generate, in bytes.
        If not specified, the standard MGF1 is used.
     saltLen : int
        Length of the salt, in bytes. If not specified, it matches the output
        size of the hash function.
 
    (R(RR
R((s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyRQs((R5t
__future__Rt__revision__t__all__tCrypto.Util.py3compattsystversion_infotCrypto.Util.py21compattCrypto.Util.numberRRRRtCrypto.Util.strxorRRRRR.RR(((s@/usr/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_PSS.pyt<module><s
&
}			;	D

Zerion Mini Shell 1.0