Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 4ccceaf4484dce24c5f0994b52079293a5fdb37c^! / . / docs
commit4ccceaf4484dce24c5f0994b52079293a5fdb37c[log] [tgz]
authorPaul Kehrer <paul.l.kehrer@gmail.com>Sun Feb 23 11:26:37 2014 -0600
committerPaul Kehrer <paul.l.kehrer@gmail.com>Sun Feb 23 11:26:37 2014 -0600
tree7a8190e8f274ee210f1431014e932680b85df4db
parent2d4f36a2246580466f3c1c6e027f03bb9b265960 [diff]
add RSA PKCS1 signing (and structure for PSS + verification)

diff --git a/docs/exceptions.rst b/docs/exceptions.rst
index 8ca9df2..38bd0e4 100644
--- a/docs/exceptions.rst
+++ b/docs/exceptions.rst

@@ -42,3 +42,9 @@
 
     This is raised when the verify method of a one time password function's
     computed token does not match the expected token.
+
+
+.. class:: UnsupportedAsymmetricPadding
+
+    This is raised when the chosen asymmetric padding is not supported by the
+    backend.

diff --git a/docs/hazmat/primitives/asymmetric/index.rst b/docs/hazmat/primitives/asymmetric/index.rst
new file mode 100644
index 0000000..10319fa
--- /dev/null
+++ b/docs/hazmat/primitives/asymmetric/index.rst

@@ -0,0 +1,10 @@
+.. hazmat::
+
+Asymmetric Algorithms
+=====================
+
+.. toctree::
+    :maxdepth: 1
+
+    rsa
+    padding

diff --git a/docs/hazmat/primitives/asymmetric/padding.rst b/docs/hazmat/primitives/asymmetric/padding.rst
new file mode 100644
index 0000000..d3f713a
--- /dev/null
+++ b/docs/hazmat/primitives/asymmetric/padding.rst

@@ -0,0 +1,20 @@
+.. hazmat::
+
+Padding
+=======
+
+.. currentmodule:: cryptography.hazmat.primitives.asymmetric.padding
+
+.. warning::
+    `Padding is critical`_ when signing or encrypting data using RSA. Without
+    correct padding signatures can be forged, messages decrypted, and private
+    keys compromised.
+
+.. class:: PKCS1()
+
+    .. versionadded:: 0.3
+
+    PKCS1 (also known as PKCS1 v1.5) is a simple padding scheme developed for
+    use with RSA keys. It is also defined in :rfc:`3447`.
+
+.. _`Padding is critical`: http://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/

diff --git a/docs/hazmat/primitives/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst
similarity index 71%
rename from docs/hazmat/primitives/rsa.rst
rename to docs/hazmat/primitives/asymmetric/rsa.rst
index 4e1f8e4..82cf352 100644
--- a/docs/hazmat/primitives/rsa.rst
+++ b/docs/hazmat/primitives/asymmetric/rsa.rst

@@ -50,6 +50,36 @@
             provider.
         :return: A new instance of ``RSAPrivateKey``.
 
+    .. method:: signer(padding, algorithm, backend)
+
+        .. versionadded:: 0.3
+
+        :param padding: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
+            provider.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :param backend: A
+            :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
+
+        .. doctest::
+
+            >>> from cryptography.hazmat.backends import default_backend
+            >>> from cryptography.hazmat.primitives import hashes
+            >>> from cryptography.hazmat.primitives.asymmetric import rsa, padding
+            >>> private_key = rsa.RSAPrivateKey.generate(65537, 2048, default_backend())
+            >>> signer = private_key.signer(padding.PKCS1(), hashes.SHA256(), default_backend())
+            >>> signer.update(b"this is some data I'd like")
+            >>> signer.update(b" to sign")
+            >>> signature = signer.finalize()
+
 
 .. class:: RSAPublicKey(public_exponent, modulus)
 

diff --git a/docs/hazmat/primitives/index.rst b/docs/hazmat/primitives/index.rst
index 5199d49..90deec8 100644
--- a/docs/hazmat/primitives/index.rst
+++ b/docs/hazmat/primitives/index.rst

@@ -11,7 +11,7 @@
     symmetric-encryption
     padding
     key-derivation-functions
-    rsa
+    asymmetric/index
     constant-time
     interfaces
     twofactor