Package Crypto :: Package PublicKey :: Module RSA :: Class _RSAobj
[frames] | no frames]

Class _RSAobj

pubkey.pubkey --+
                |
               _RSAobj

Class defining an actual RSA key.
Instance Methods
 
__init__(self, implementation, key, randfunc=None)
 
encrypt(self, plaintext, K)
Encrypt a piece of data with RSA.
 
decrypt(self, ciphertext)
Decrypt a piece of data with RSA.
 
sign(self, M, K)
Sign a piece of data with RSA.
 
verify(self, M, signature)
Verify the validity of an RSA signature.
 
has_private(self)
Tell if the key object contains private components.
 
size(self)
Tell the maximum number of bits that can be handled by this key.
 
can_blind(self)
Tell if the algorithm can deal with data blinding.
 
can_encrypt(self)
Tell if the algorithm can deal with data encryption.
 
can_sign(self)
Tell if the algorithm can deal with cryptographic signatures.
 
publickey(self)
Construct a new key carrying only the public information.
 
exportKey(self, format='PEM', passphrase=None, pkcs=1, protection=None)
Export this RSA key.

Inherited from pubkey.pubkey: blind, unblind

Class Variables
  keydata = ['n', 'e', 'd', 'p', 'q', 'u']
Dictionary of RSA parameters.
Method Details

__init__(self, implementation, key, randfunc=None)
(Constructor)

 
Overrides: pubkey.pubkey.__init__

encrypt(self, plaintext, K)

 
Encrypt a piece of data with RSA.
Parameters:
  • plaintext (byte string or long) - The piece of data to encrypt with RSA. It may not be numerically larger than the RSA module (n).
  • K (byte string or long) - A random parameter (for compatibility only. This value will be ignored)
Returns:
A tuple with two items. The first item is the ciphertext of the same type as the plaintext (string or long). The second item is always None.
Overrides: pubkey.pubkey.encrypt

Attention: this function performs the plain, primitive RSA encryption (textbook). In real applications, you always need to use proper cryptographic padding, and you should not directly encrypt data with this method. Failure to do so may lead to security vulnerabilities. It is recommended to use modules Crypto.Cipher.PKCS1_OAEP or Crypto.Cipher.PKCS1_v1_5 instead.

decrypt(self, ciphertext)

 

Decrypt a piece of data with RSA.

Decryption always takes place with blinding.

Parameters:
  • ciphertext (byte string, long or a 2-item tuple as returned by encrypt) - The piece of data to decrypt with RSA. It may not be numerically larger than the RSA module (n). If a tuple, the first item is the actual ciphertext; the second item is ignored.
Returns:
A byte string if ciphertext was a byte string or a tuple of byte strings. A long otherwise.
Overrides: pubkey.pubkey.decrypt

Attention: this function performs the plain, primitive RSA decryption (textbook). In real applications, you always need to use proper cryptographic padding, and you should not directly decrypt data with this method. Failure to do so may lead to security vulnerabilities. It is recommended to use modules Crypto.Cipher.PKCS1_OAEP or Crypto.Cipher.PKCS1_v1_5 instead.

sign(self, M, K)

 

Sign a piece of data with RSA.

Signing always takes place with blinding.

Parameters:
  • M (byte string or long) - The piece of data to sign with RSA. It may not be numerically larger than the RSA module (n).
  • K (byte string or long) - A random parameter (for compatibility only. This value will be ignored)
Returns:
A 2-item tuple. The first item is the actual signature (a long). The second item is always None.
Overrides: pubkey.pubkey.sign

Attention: this function performs the plain, primitive RSA decryption (textbook). In real applications, you always need to use proper cryptographic padding, and you should not directly sign data with this method. Failure to do so may lead to security vulnerabilities. It is recommended to use modules Crypto.Signature.PKCS1_PSS or Crypto.Signature.PKCS1_v1_5 instead.

verify(self, M, signature)

 
Verify the validity of an RSA signature.
Parameters:
  • M (byte string or long) - The expected message.
  • signature (A 2-item tuple as return by sign) - The RSA signature to verify. The first item of the tuple is the actual signature (a long not larger than the modulus n), whereas the second item is always ignored.
Returns:
True if the signature is correct, False otherwise.
Overrides: pubkey.pubkey.verify

Attention: this function performs the plain, primitive RSA encryption (textbook). In real applications, you always need to use proper cryptographic padding, and you should not directly verify data with this method. Failure to do so may lead to security vulnerabilities. It is recommended to use modules Crypto.Signature.PKCS1_PSS or Crypto.Signature.PKCS1_v1_5 instead.

has_private(self)

 
Tell if the key object contains private components.
Returns:
bool
Overrides: pubkey.pubkey.has_private
(inherited documentation)

size(self)

 
Tell the maximum number of bits that can be handled by this key.
Returns:
int
Overrides: pubkey.pubkey.size
(inherited documentation)

can_blind(self)

 

Tell if the algorithm can deal with data blinding.

This property concerns the algorithm, not the key itself. It may happen that this particular key object hasn't got the private information required carry out blinding.

Returns:
boolean
Overrides: pubkey.pubkey.can_blind
(inherited documentation)

can_encrypt(self)

 

Tell if the algorithm can deal with data encryption.

This property concerns the algorithm, not the key itself. It may happen that this particular key object hasn't got the private information required to decrypt data.

Returns:
boolean
Overrides: pubkey.pubkey.can_encrypt
(inherited documentation)

can_sign(self)

 

Tell if the algorithm can deal with cryptographic signatures.

This property concerns the algorithm, not the key itself. It may happen that this particular key object hasn't got the private information required to generate a signature.

Returns:
boolean
Overrides: pubkey.pubkey.can_sign
(inherited documentation)

publickey(self)

 
Construct a new key carrying only the public information.
Returns:
A new pubkey object.
Overrides: pubkey.pubkey.publickey
(inherited documentation)

exportKey(self, format='PEM', passphrase=None, pkcs=1, protection=None)

 

Export this RSA key.

Parameters:
  • format (string) - The format to use for wrapping the key:

    • 'DER'. Binary encoding.
    • 'PEM'. Textual encoding, done according to RFC1421/RFC1423.
    • 'OpenSSH'. Textual encoding, done according to OpenSSH specification. Only suitable for public keys (not private keys).
  • passphrase (string) - For private keys only. The pass phrase used for deriving the encryption key.
  • pkcs (integer) - For DER and PEM format only. The PKCS standard to follow for assembling the components of the key. You have two choices:

    • 1 (default): the public key is embedded into an X.509 SubjectPublicKeyInfo DER SEQUENCE. The private key is embedded into a PKCS#1 RSAPrivateKey DER SEQUENCE.
    • 8: the private key is embedded into a PKCS#8 PrivateKeyInfo DER SEQUENCE. This value cannot be used for public keys.
  • protection (string) - The encryption scheme to use for protecting the private key.

    If None (default), the behavior depends on format:

    • For DER, the PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC scheme is used. The following operations are performed:

      1. A 16 byte Triple DES key is derived from the passphrase using Crypto.Protocol.KDF.PBKDF2 with 8 bytes salt, and 1 000 iterations of Crypto.Hash.HMAC.
      2. The private key is encrypted using CBC.
      3. The encrypted key is encoded according to PKCS#8.
    • For PEM, the obsolete PEM encryption scheme is used. It is based on MD5 for key derivation, and Triple DES for encryption.

    Specifying a value for protection is only meaningful for PKCS#8 (that is, pkcs=8) and only if a pass phrase is present too.

    The supported schemes for PKCS#8 are listed in the Crypto.IO.PKCS8 module (see wrap_algo parameter).

Returns:
A byte string with the encoded public or private half of the key.
Raises:
  • ValueError - When the format is unknown or when you try to encrypt a private key with DER format and PKCS#1.

Attention: If you don't provide a pass phrase, the private key will be exported in the clear!


Class Variable Details

keydata

Dictionary of RSA parameters.

A public key will only have the following entries:

  • n, the modulus.
  • e, the public exponent.

A private key will also have:

  • d, the private exponent.
  • p, the first factor of n.
  • q, the second factor of n.
  • u, the CRT coefficient (1/p) mod q.
Value:
['n', 'e', 'd', 'p', 'q', 'u']