tlslite.utils.rsakey module

Abstract class for RSA.

class tlslite.utils.rsakey.RSAKey(n=0, e=0)

Bases: object

This is an abstract base class for RSA keys.

Particular implementations of RSA keys, such as OpenSSL_RSAKey, Python_RSAKey, and PyCrypto_RSAKey, inherit from this.

To create or parse an RSA key, don’t use one of these classes directly. Instead, use the factory functions in keyfactory.

EMSA_PSS_encode(mHash, emBits, hAlg, sLen=0)

Encode the passed in message

This encodes the message using selected hash algorithm

Parameters:
  • mHash (bytearray) – Hash of message to be encoded
  • emBits (int) – maximal length of returned EM
  • hAlg (str) – hash algorithm to be used
  • sLen (int) – length of salt
EMSA_PSS_verify(mHash, EM, emBits, hAlg, sLen=0)

Verify signature in passed in encoded message

This verifies the signature in encoded message

Parameters:
  • mHash (bytearray) – Hash of the original not signed message
  • EM (bytearray) – Encoded message
  • emBits (int) – Length of the encoded message in bits
  • hAlg (str) – hash algorithm to be used
  • sLen (int) – Length of salt
MGF1(mgfSeed, maskLen, hAlg)

Generate mask from passed-in seed.

This generates mask based on passed-in seed and output maskLen.

Parameters:
  • mgfSeed (bytearray) – Seed from which mask will be generated.
  • maskLen (int) – Wished length of the mask, in octets
Return type:

bytearray
Returns:

Mask
RSASSA_PSS_sign(mHash, hAlg, sLen=0)

“Sign the passed in message

This signs the message using selected hash algorithm

Parameters:
  • mHash (bytearray) – Hash of message to be signed
  • hAlg (str) – hash algorithm to be used
  • sLen (int) – length of salt
RSASSA_PSS_verify(mHash, S, hAlg, sLen=0)

Verify the signature in passed in message

This verifies the signature in the signed message

Parameters:
  • mHash (bytearray) – Hash of original message
  • S (bytearray) – Signed message
  • hAlg (str) – Hash algorithm to be used
  • sLen (int) – Length of salt
__init__(n=0, e=0)

Create a new RSA key.

If n and e are passed in, the new key will be initialized.

Parameters:
  • n (int) – RSA modulus.
  • e (int) – RSA public exponent.
acceptsPassword()

Return True if the write() method accepts a password for use in encrypting the private key.

Return type:bool
classmethod addPKCS1Prefix(data, hashName)

Add the PKCS#1 v1.5 algorithm identifier prefix to hash bytes

classmethod addPKCS1SHA1Prefix(hashBytes, withNULL=True)

Add PKCS#1 v1.5 algorithm identifier prefix to SHA1 hash bytes

decrypt(encBytes)

Decrypt the passed-in bytes.

This requires the key to have a private component. It performs PKCS#1 v1.5 decryption operation of the passed-in data.

Note: as a workaround against Bleichenbacher-like attacks, it will return a deterministically selected random message in case the padding checks failed. It returns an error (None) only in case the ciphertext is of incorrect length or encodes an integer bigger than the modulus of the key (i.e. it’s publically invalid).

Parameters:encBytes (bytearray) – The value which will be decrypted.
Return type:bytearray or None
Returns:A PKCS#1 v1.5 decryption of the passed-in data or None if the provided data is not properly formatted. Note: encrypting an empty string is correct, so it may return an empty bytearray for some ciphertexts.
encrypt(bytes)

Encrypt the passed-in bytes.

This performs PKCS1 encryption of the passed-in data.

Parameters:bytes (bytearray) – The value which will be encrypted.
Return type:bytearray
Returns:A PKCS1 encryption of the passed-in data.
static generate(bits)

Generate a new key with the specified bit length.

Return type:RSAKey
hasPrivateKey()

Return whether or not this key has a private component.

Return type:bool
hashAndSign(bytes, rsaScheme='PKCS1', hAlg='sha1', sLen=0)

Hash and sign the passed-in bytes.

This requires the key to have a private component. It performs a PKCS1 or PSS signature on the passed-in data with selected hash algorithm.

Parameters:
  • bytes (str or bytearray) – The value which will be hashed and signed.
  • rsaScheme (str) – The type of RSA scheme that will be applied, “PKCS1” for RSASSA-PKCS#1 v1.5 signature and “PSS” for RSASSA-PSS with MGF1 signature method
  • hAlg (str) – The hash algorithm that will be used
  • sLen (int) – The length of intended salt value, applicable only for RSASSA-PSS signatures
Return type:

bytearray
Returns:

A PKCS1 or PSS signature on the passed-in data.
hashAndVerify(sigBytes, bytes, rsaScheme='PKCS1', hAlg='sha1', sLen=0)

Hash and verify the passed-in bytes with the signature.

This verifies a PKCS1 or PSS signature on the passed-in data with selected hash algorithm.

Parameters:
  • sigBytes (bytearray) – A PKCS1 or PSS signature.
  • bytes (str or bytearray) – The value which will be hashed and verified.
  • rsaScheme (str) – The type of RSA scheme that will be applied, “PKCS1” for RSASSA-PKCS#1 v1.5 signature and “PSS” for RSASSA-PSS with MGF1 signature method
  • hAlg (str) – The hash algorithm that will be used
  • sLen (int) – The length of intended salt value, applicable only for RSASSA-PSS signatures
Return type:

bool
Returns:

Whether the signature matches the passed-in data.
sign(bytes, padding='pkcs1', hashAlg=None, saltLen=None)

Sign the passed-in bytes.

This requires the key to have a private component. It performs a PKCS1 signature on the passed-in data.

Parameters:
  • bytes (bytearray) – The value which will be signed.
  • padding (str) – name of the rsa padding mode to use, supported: “pkcs1” for RSASSA-PKCS1_1_5 and “pss” for RSASSA-PSS.
  • hashAlg (str) – name of hash to be encoded using the PKCS#1 prefix for “pkcs1” padding or the hash used for MGF1 in “pss”. Parameter is mandatory for “pss” padding.
  • saltLen (int) – length of salt used for the PSS padding. Default is the length of the hash output used.
Return type:

bytearray
Returns:

A PKCS1 signature on the passed-in data.
verify(sigBytes, bytes, padding='pkcs1', hashAlg=None, saltLen=None)

Verify the passed-in bytes with the signature.

This verifies a PKCS1 signature on the passed-in data.

Parameters:
  • sigBytes (bytearray) – A PKCS1 signature.
  • bytes (bytearray) – The value which will be verified.
Return type:

bool
Returns:

Whether the signature matches the passed-in data.
write(password=None)

Return a string containing the key.

Return type:str
Returns:A string describing the key, in whichever format (PEM) is native to the implementation.