tlslite.utils.rsakey module

Abstract class for RSA.

class tlslite.utils.rsakey.RSAKey(n=0, e=0, key_type='rsa')[source]

Bases: object

This is an abstract base class for RSA keys.

Particular implementations of RSA keys, such as OpenSSL_RSAKey, Python_RSAKey, and PyCrypto_RSAKey, inherit from this.

To create or parse an RSA key, don’t use one of these classes directly. Instead, use the factory functions in keyfactory.

EMSA_PSS_encode(mHash, emBits, hAlg, sLen=0)[source]

Encode the passed in message

This encodes the message using selected hash algorithm

Parameters:

  • mHash (bytearray) – Hash of message to be encoded

  • emBits (int) – maximal length of returned EM

  • hAlg (str) – hash algorithm to be used

  • sLen (int) – length of salt

EMSA_PSS_verify(mHash, EM, emBits, hAlg, sLen=0)[source]

Verify signature in passed in encoded message

This verifies the signature in encoded message

Parameters:

  • mHash (bytes-like object) – Hash of the original not signed message

  • EM (bytes-like object) – Encoded message

  • emBits (int) – Length of the encoded message in bits

  • hAlg (str) – hash algorithm to be used

  • sLen (int) – Length of salt

MGF1(mgfSeed, maskLen, hAlg)[source]

Generate mask from passed-in seed.

This generates mask based on passed-in seed and output maskLen.

Parameters:

  • mgfSeed (bytearray) – Seed from which mask will be generated.

  • maskLen (int) – Wished length of the mask, in octets

Return type:

bytearray

Returns:

Mask

RSASSA_PSS_sign(mHash, hAlg, sLen=0)[source]

“Sign the passed in message

This signs the message using selected hash algorithm

Parameters:

  • mHash (bytes-like object) – Hash of message to be signed

  • hAlg (str) – hash algorithm to be used

  • sLen (int) – length of salt

RSASSA_PSS_verify(mHash, S, hAlg, sLen=0)[source]

Verify the signature in passed in message

This verifies the signature in the signed message

Parameters:

  • mHash (bytes-like object) – Hash of original message

  • S (bytes-like object) – Signed message

  • hAlg (str) – Hash algorithm to be used

  • sLen (int) – Length of salt

__init__(n=0, e=0, key_type='rsa')[source]

Create a new RSA key.

If n and e are passed in, the new key will be initialized.

Parameters:

  • n (int) – RSA modulus.

  • e (int) – RSA public exponent.

  • key_type (str) – type of the RSA key, “rsa” for rsaEncryption (universal, able to perform all operations) or “rsa-pss” for a RSASSA-PSS key (able to perform only RSA-PSS signature verification and creation)

acceptsPassword()[source]

Return True if the write() method accepts a password for use in encrypting the private key.

Return type:

bool

classmethod addPKCS1Prefix(data, hashName)[source]

Add the PKCS#1 v1.5 algorithm identifier prefix to hash bytes

classmethod addPKCS1SHA1Prefix(hashBytes, withNULL=True)[source]

Add PKCS#1 v1.5 algorithm identifier prefix to SHA1 hash bytes

decrypt(encBytes)[source]

Decrypt the passed-in bytes.

This requires the key to have a private component. It performs PKCS#1 v1.5 decryption operation of the passed-in data.

Note: as a workaround against Bleichenbacher-like attacks, it will return a deterministically selected random message in case the padding checks failed. It returns an error (None) only in case the ciphertext is of incorrect length or encodes an integer bigger than the modulus of the key (i.e. it’s publically invalid).

Parameters:

encBytes (bytes-like object) – The value which will be decrypted.

Return type:

bytearray or None

Returns:

A PKCS#1 v1.5 decryption of the passed-in data or None if the provided data is not properly formatted. Note: encrypting an empty string is correct, so it may return an empty bytearray for some ciphertexts.

encrypt(bytes)[source]

Encrypt the passed-in bytes.

This performs PKCS1 encryption of the passed-in data.

Parameters:

bytes (bytes-like object) – The value which will be encrypted.

Return type:

bytearray

Returns:

A PKCS1 encryption of the passed-in data.

static generate(bits, key_type='rsa')[source]

Generate a new key with the specified bit length.

Return type:

RSAKey

hasPrivateKey()[source]

Return whether or not this key has a private component.

Return type:

bool

hashAndSign(bytes, rsaScheme='PKCS1', hAlg='sha1', sLen=0)[source]

Hash and sign the passed-in bytes.

This requires the key to have a private component. It performs a PKCS1 or PSS signature on the passed-in data with selected hash algorithm.

Parameters:

  • bytes (bytes-like object) – The value which will be hashed and signed.

  • rsaScheme (str) – The type of RSA scheme that will be applied, “PKCS1” for RSASSA-PKCS#1 v1.5 signature and “PSS” for RSASSA-PSS with MGF1 signature method

  • hAlg (str) – The hash algorithm that will be used

  • sLen (int) – The length of intended salt value, applicable only for RSASSA-PSS signatures

Return type:

bytearray

Returns:

A PKCS1 or PSS signature on the passed-in data.

hashAndVerify(sigBytes, bytes, rsaScheme='PKCS1', hAlg='sha1', sLen=0)[source]

Hash and verify the passed-in bytes with the signature.

This verifies a PKCS1 or PSS signature on the passed-in data with selected hash algorithm.

Parameters:

  • sigBytes (bytes-like object) – A PKCS1 or PSS signature.

  • bytes (bytes-like object) – The value which will be hashed and verified.

  • rsaScheme (str) – The type of RSA scheme that will be applied, “PKCS1” for RSASSA-PKCS#1 v1.5 signature and “PSS” for RSASSA-PSS with MGF1 signature method

  • hAlg (str) – The hash algorithm that will be used

  • sLen (int) – The length of intended salt value, applicable only for RSASSA-PSS signatures

Return type:

bool

Returns:

Whether the signature matches the passed-in data.

sign(bytes, padding='pkcs1', hashAlg=None, saltLen=None)[source]

Sign the passed-in bytes.

This requires the key to have a private component. It performs a PKCS1 signature on the passed-in data.

Parameters:

  • bytes (bytes-like object) – The value which will be signed.

  • padding (str) – name of the rsa padding mode to use, supported: “pkcs1” for RSASSA-PKCS1_1_5 and “pss” for RSASSA-PSS.

  • hashAlg (str) – name of hash to be encoded using the PKCS#1 prefix for “pkcs1” padding or the hash used for MGF1 in “pss”. Parameter is mandatory for “pss” padding.

  • saltLen (int) – length of salt used for the PSS padding. Default is the length of the hash output used.

Return type:

bytearray

Returns:

A PKCS1 signature on the passed-in data.

verify(sigBytes, bytes, padding='pkcs1', hashAlg=None, saltLen=None)[source]

Verify the passed-in bytes with the signature.

This verifies a PKCS1 signature on the passed-in data.

Parameters:

  • sigBytes (bytes-like object) – A PKCS1 signature.

  • bytes (bytes-like object) – The value which will be verified.

Return type:

bool

Returns:

Whether the signature matches the passed-in data.

write(password=None)[source]

Return a string containing the key.

Return type:

str

Returns:

A string describing the key, in whichever format (PEM) is native to the implementation.

tlslite.utils.rsakey.bytes_to_int(bytes, byteorder='big', *, signed=False)

Return the integer represented by the given array of bytes.

bytes

Holds the array of bytes to convert. The argument must either support the buffer protocol or be an iterable object producing bytes. Bytes and bytearray are examples of built-in objects that support the buffer protocol.

byteorder

The byte order used to represent the integer. If byteorder is ‘big’, the most significant byte is at the beginning of the byte array. If byteorder is ‘little’, the most significant byte is at the end of the byte array. To request the native byte order of the host system, use `sys.byteorder’ as the byte order value. Default is to use ‘big’.

signed

Indicates whether two’s complement is used to represent the integer.