RSASSA

Module for RSASSA.

protocol crypto_condor.primitives.RSASSA.Sign

Bases: Protocol

Represents a function that signs with RSASSA-PKCS1-v1_5 or RSASSA-PSS.

Classes that implement this protocol must have the following methods / attributes:

__call__(private_key, message)

Signs a message with RSA.

Parameters:
  • private_key (bytes) – The private key in PEM format.

  • message (bytes) – The message to sign.

Returns:

The signature.

Return type:

bytes

protocol crypto_condor.primitives.RSASSA.VerifyPkcs

Bases: Protocol

Represents a function that verifies RSASSA-PKCS1-v1_5 signatures.

Classes that implement this protocol must have the following methods / attributes:

__call__(public_key, message, signature)

Verifies an RSA signature.

Parameters:
  • public_key (bytes) – The public part of the key used to sign the message in PEM format.

  • message (bytes) – The signed message.

  • signature (bytes) – The signature to verify.

Returns:

True if the signature is valid, False otherwise.

Return type:

bool

protocol crypto_condor.primitives.RSASSA.VerifyPss

Bases: Protocol

Represents a function that verifies RSASSA-PSS signatures.

Classes that implement this protocol must have the following methods / attributes:

__call__(public_key, message, signature, salt_length)

Verifies an RSA signature.

Parameters:
  • public_key (bytes) – The public part of the key used to sign the message in PEM format.

  • message (bytes) – The signed message.

  • signature (bytes) – The signature to verify.

  • salt_length (int) – The length of the salt used in MGF1, in bytes.

Returns:

True if the signature is valid, False otherwise.

Return type:

bool

enum crypto_condor.primitives.RSASSA.Wrapper(value)

Bases: StrEnum

Available wrappers.

Member Type:

str

Valid values are as follows:

PYTHON = <Wrapper.PYTHON: 'Python'>

crypto_condor.primitives.RSASSA.run_wrapper(language, scheme, hash_algorithm, mgf_hash=None, run_sign=True, run_verify=True)

Runs the corresponding wrapper.

Parameters:
  • language (Wrapper) – The language of the wrapper to run.

  • scheme (Scheme) – The RSA signature scheme to test.

  • hash_algorithm (Hash) – The hash algorithm used.

  • mgf_hash (Hash | None) – (RSASSA-PSS only) The hash algorithm to use with MGF1.

  • run_sign (bool) – Whether to test signature generation.

  • run_verify (bool) – Whether to test signature verification.

Returns:

The results of test_sign(), test_verify_pss(), or test_verify_pkcs() depending on the options used.

Return type:

ResultsDict

crypto_condor.primitives.RSASSA.test_sign(sign_function, scheme, hash_algorithm, *, pre_hashed=False)

Tests a signing function with NIST test vectors.

Parameters:
  • sign_function (Sign) – The function to test, see Sign.

  • scheme (Scheme) – The signature scheme to use, e.g. RSASSA-PSS.

  • hash_algorithm (Hash) – The hash algorithm to use.

Keyword Arguments:

pre_hashed – If True, the messages are hashed before passing them to sign_function.

Returns:

A dictionary containing a Results instance per vectors file, indexed by its filename. If there are no vectors available the dictionary is empty.

Return type:

ResultsDict

crypto_condor.primitives.RSASSA.test_verify_pkcs(verify_function, hash_algorithm, compliance=True, resilience=True)

Tests a signature verification function.

Parameters:
  • verify_function (VerifyPkcs) – The function to test.

  • hash_algorithm (Hash) – The hash algorithm used to generate the signatures.

  • compliance (bool) – Whether to use compliance test vectors.

  • resilience (bool) – Whether to use resilience test vectors.

Returns:

A dictionary of Results, one for each vectors file, indexed by the filename. If there are no vectors available the dictionary is empty.

Return type:

ResultsDict
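
Added example (not part of crypto-condor or its documentation): a standard-library function with the VerifyPkcs call signature, i.e. the kind of callable passed as verify_function to test_verify_pkcs(). It assumes SHA-256 and a PEM "PUBLIC KEY" (SubjectPublicKeyInfo) input; the function and helper names are illustrative, and the choice to rebuild the expected encoding and compare it whole is this example's, not the library's.

```python
import base64
import hashlib
import hmac

# DER DigestInfo header for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")


def _read_tlv(buf, pos, tag):
    """Reads one DER element with the expected tag; returns (value, next_pos)."""
    if buf[pos] != tag:
        raise ValueError("unexpected DER tag")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        count = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + count], "big"), pos + count
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return buf[pos:pos + length], pos + length


def _load_public_key(pem):
    """Extracts (n, e) from a PEM "PUBLIC KEY" (SubjectPublicKeyInfo) block."""
    lines = pem.decode("ascii").strip().splitlines()
    der = base64.b64decode("".join(lines[1:-1]), validate=True)
    spki, _ = _read_tlv(der, 0, 0x30)
    _, pos = _read_tlv(spki, 0, 0x30)  # AlgorithmIdentifier (OID not checked here)
    bit_string, _ = _read_tlv(spki, pos, 0x03)
    rsa_key, _ = _read_tlv(bit_string, 1, 0x30)  # byte 0 is the unused-bits count
    n, pos = _read_tlv(rsa_key, 0, 0x02)
    e, _ = _read_tlv(rsa_key, pos, 0x02)
    return int.from_bytes(n, "big"), int.from_bytes(e, "big")


def verify_pkcs_sha256(public_key: bytes, message: bytes, signature: bytes) -> bool:
    """VerifyPkcs-shaped callable: True if valid; False for any bad key or signature."""
    try:
        n, e = _load_public_key(public_key)
    except (ValueError, IndexError):
        return False
    k = (n.bit_length() + 7) // 8  # modulus length in bytes
    digest_info = SHA256_DIGEST_INFO + hashlib.sha256(message).digest()
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n or k < len(digest_info) + 11:
        return False
    # Rebuild the one valid encoding and compare all of it; no padding parsing.
    padding = b"\xff" * (k - len(digest_info) - 3)
    expected = b"\x00\x01" + padding + b"\x00" + digest_info
    return hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), expected)
```

Because the hash is fixed inside the function, the hash_algorithm argument given to test_verify_pkcs() has to name the same hash.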

crypto_condor.primitives.RSASSA.test_verify_pss(verify_function, hash_algorithm, mgf_hash=None, compliance=True, resilience=True)

Tests a function that verifies RSASSA-PSS signatures.

Parameters:
  • verify_function (VerifyPss) – The function to test.

  • hash_algorithm (Hash) – The hash algorithm used to generate the signatures.

  • mgf_hash (Hash | None) – The hash function to use with MGF1.

  • compliance (bool) – Whether to use compliance test vectors.

  • resilience (bool) – Whether to use resilience test vectors.

Returns:

A dictionary containing a Results instance per vectors file, indexed by its filename. If there are no vectors available the dictionary is empty.

Return type:

ResultsDict