Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 01cdfb209158cf77866959ed64c85a469b48e079 / . / docs / hazmat / primitives / interfaces.rst
blob: d39898ee5b9229be20016f455939a59877f420c0 [file] [log] [blame]
David Reid30722b92013-11-07 13:03:39 -0800[diff] [blame]1.. hazmat::
2
3Interfaces
4==========
5
6
7``cryptography`` uses `Abstract Base Classes`_ as interfaces to describe the
David Reidbd18bcd2013-11-07 13:13:30 -0800[diff] [blame]8properties and methods of most primitive constructs. Backends may also use
9this information to influence their operation. Interfaces should also be used
David Reid30722b92013-11-07 13:03:39 -0800[diff] [blame]10to document argument and return types.
11
David Reid9ed25e42013-11-07 13:15:27 -0800[diff] [blame]12.. _`Abstract Base Classes`: http://docs.python.org/3.2/library/abc.html
David Reid30722b92013-11-07 13:03:39 -0800[diff] [blame]13
14
Alex Stapletonc5fffd32014-03-18 15:29:00 +0000[diff] [blame]15Symmetric ciphers
David Reid0a394df2013-11-15 16:19:50 -0800[diff] [blame]16~~~~~~~~~~~~~~~~~
David Reid30722b92013-11-07 13:03:39 -0800[diff] [blame]17
18.. currentmodule:: cryptography.hazmat.primitives.interfaces
19
David Reid0a394df2013-11-15 16:19:50 -0800[diff] [blame]20
21.. class:: CipherAlgorithm
22
23 A named symmetric encryption algorithm.
24
25 .. attribute:: name
26
27 :type: str
28
29 The standard name for the mode, for example, "AES", "Camellia", or
30 "Blowfish".
31
32 .. attribute:: key_size
33
34 :type: int
35
36 The number of bits in the key being used.
37
38
David Reid668d4802013-12-17 11:53:43 -0800[diff] [blame]39.. class:: BlockCipherAlgorithm
40
41 A block cipher algorithm.
42
43 .. attribute:: block_size
44
45 :type: int
46
47 The number of bits in a block.
48
49
Alex Stapletonc5fffd32014-03-18 15:29:00 +0000[diff] [blame]50Cipher modes
David Reid0a394df2013-11-15 16:19:50 -0800[diff] [blame]51------------
52
David Reid30722b92013-11-07 13:03:39 -0800[diff] [blame]53Interfaces used by the symmetric cipher modes described in
54:ref:`Symmetric Encryption Modes <symmetric-encryption-modes>`.
55
56.. class:: Mode
57
58 A named cipher mode.
59
60 .. attribute:: name
61
62 :type: str
63
64 This should be the standard shorthand name for the mode, for example
65 Cipher-Block Chaining mode is "CBC".
66
67 The name may be used by a backend to influence the operation of a
68 cipher in conjunction with the algorithm's name.
69
Alex Gaynor9626b5a2013-11-19 16:49:26 -0800[diff] [blame]70 .. method:: validate_for_algorithm(algorithm)
71
72 :param CipherAlgorithm algorithm:
73
74 Checks that the combination of this mode with the provided algorithm
75 meets any necessary invariants. This should raise an exception if they
76 are not met.
77
78 For example, the :class:`~cryptography.hazmat.primitives.modes.CBC`
79 mode uses this method to check that the provided initialization
80 vector's length matches the block size of the algorithm.
81
David Reid30722b92013-11-07 13:03:39 -0800[diff] [blame]82
83.. class:: ModeWithInitializationVector
84
85 A cipher mode with an initialization vector.
86
87 .. attribute:: initialization_vector
88
89 :type: bytes
90
91 Exact requirements of the initialization are described by the
92 documentation of individual modes.
93
94
95.. class:: ModeWithNonce
96
97 A cipher mode with a nonce.
98
99 .. attribute:: nonce
100
101 :type: bytes
102
103 Exact requirements of the nonce are described by the documentation of
104 individual modes.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]105
Alex Stapletonc5fffd32014-03-18 15:29:00 +0000[diff] [blame]106Asymmetric interfaces
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]107~~~~~~~~~~~~~~~~~~~~~
108
109.. class:: RSAPrivateKey
110
Paul Kehrer46688b12014-01-26 13:23:13 -0600[diff] [blame]111 .. versionadded:: 0.2
Paul Kehrer82629f42014-01-26 12:25:02 -0600[diff] [blame]112
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]113 An `RSA`_ private key.
114
Paul Kehrer01cdfb22014-04-15 11:27:03 -0400[diff] [blame^]115 .. classmethod:: generate(public_exponent, key_size, backend)
116
117 Generate a new ``RSAPrivateKey`` instance using ``backend``.
118
119 :param int public_exponent: The public exponent of the new key.
120 Usually one of the small Fermat primes 3, 5, 17, 257, 65537. If in
121 doubt you should `use 65537`_.
122 :param int key_size: The length of the modulus in bits. For keys
123 generated in 2014 it is strongly recommended to be
124 `at least 2048`_ (See page 41). It must not be less than 512.
125 Some backends may have additional limitations.
126 :param backend: A
127 :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
128 provider.
129 :return: A new instance of ``RSAPrivateKey``.
130
131 .. method:: signer(padding, algorithm, backend)
132
133 .. versionadded:: 0.3
134
135 Sign data which can be verified later by others using the public key.
136
137 :param padding: An instance of a
138 :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
139 provider.
140
141 :param algorithm: An instance of a
142 :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
143 provider.
144
145 :param backend: A
146 :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
147 provider.
148
149 :returns:
150 :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
151
Paul Kehrer0e94fbe2014-01-26 11:47:21 -0600[diff] [blame]152 .. method:: public_key()
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]153
Paul Kehrer359b9462014-01-26 12:03:05 -0600[diff] [blame]154 :return: :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey`
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]155
156 An RSA public key object corresponding to the values of the private key.
157
158 .. attribute:: modulus
159
Paul Kehrerd527b302014-01-26 11:41:38 -0600[diff] [blame]160 :type: int
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]161
Paul Kehrer0e94fbe2014-01-26 11:47:21 -0600[diff] [blame]162 The public modulus.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]163
164 .. attribute:: public_exponent
165
166 :type: int
167
Paul Kehrer0e94fbe2014-01-26 11:47:21 -0600[diff] [blame]168 The public exponent.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]169
Alex Gaynor2649a692014-02-03 07:14:16 -0800[diff] [blame]170 .. attribute:: private_exponent
171
172 :type: int
173
174 The private exponent.
175
Alex Stapletonee3e6bf2014-02-02 21:13:48 +0000[diff] [blame]176 .. attribute:: key_size
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]177
178 :type: int
179
180 The bit length of the modulus.
181
182 .. attribute:: p
183
Paul Kehrerd527b302014-01-26 11:41:38 -0600[diff] [blame]184 :type: int
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]185
Alex Gaynor2a918742014-01-26 16:53:44 -0600[diff] [blame]186 ``p``, one of the two primes composing the :attr:`modulus`.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]187
188 .. attribute:: q
189
Paul Kehrerd527b302014-01-26 11:41:38 -0600[diff] [blame]190 :type: int
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]191
Alex Gaynor2a918742014-01-26 16:53:44 -0600[diff] [blame]192 ``q``, one of the two primes composing the :attr:`modulus`.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]193
194 .. attribute:: d
195
Paul Kehrerd527b302014-01-26 11:41:38 -0600[diff] [blame]196 :type: int
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]197
Alex Gaynor2649a692014-02-03 07:14:16 -0800[diff] [blame]198 The private exponent. Alias for :attr:`private_exponent`.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]199
Paul Kehrer8e9c9842014-02-13 12:23:27 -0600[diff] [blame]200 .. attribute:: dmp1
201
202 :type: int
203
204 A `Chinese remainder theorem`_ coefficient used to speed up RSA
205 operations. Calculated as: d mod (p-1)
206
207 .. attribute:: dmq1
208
209 :type: int
210
211 A `Chinese remainder theorem`_ coefficient used to speed up RSA
212 operations. Calculated as: d mod (q-1)
213
214 .. attribute:: iqmp
215
216 :type: int
217
218 A `Chinese remainder theorem`_ coefficient used to speed up RSA
219 operations. Calculated as: q\ :sup:`-1` mod p
220
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]221 .. attribute:: n
222
Paul Kehrerd527b302014-01-26 11:41:38 -0600[diff] [blame]223 :type: int
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]224
Alex Gaynor2a918742014-01-26 16:53:44 -0600[diff] [blame]225 The public modulus. Alias for :attr:`modulus`.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]226
227 .. attribute:: e
228
229 :type: int
230
Alex Gaynor2a918742014-01-26 16:53:44 -0600[diff] [blame]231 The public exponent. Alias for :attr:`public_exponent`.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]232
233
234.. class:: RSAPublicKey
235
Paul Kehrer46688b12014-01-26 13:23:13 -0600[diff] [blame]236 .. versionadded:: 0.2
Paul Kehrer82629f42014-01-26 12:25:02 -0600[diff] [blame]237
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]238 An `RSA`_ public key.
239
Paul Kehrer01cdfb22014-04-15 11:27:03 -0400[diff] [blame^]240 .. method:: verifier(signature, padding, algorithm, backend)
241
242 .. versionadded:: 0.3
243
244 Verify data was signed by the private key associated with this public
245 key.
246
247 :param bytes signature: The signature to verify.
248
249 :param padding: An instance of a
250 :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
251 provider.
252
253 :param algorithm: An instance of a
254 :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
255 provider.
256
257 :param backend: A
258 :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
259 provider.
260
261 :returns:
262 :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
263
264
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]265 .. attribute:: modulus
266
Paul Kehrerd527b302014-01-26 11:41:38 -0600[diff] [blame]267 :type: int
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]268
Paul Kehrer0e94fbe2014-01-26 11:47:21 -0600[diff] [blame]269 The public modulus.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]270
Alex Stapletonee3e6bf2014-02-02 21:13:48 +0000[diff] [blame]271 .. attribute:: key_size
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]272
273 :type: int
274
275 The bit length of the modulus.
276
277 .. attribute:: public_exponent
278
279 :type: int
280
Paul Kehrer0e94fbe2014-01-26 11:47:21 -0600[diff] [blame]281 The public exponent.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]282
283 .. attribute:: n
284
Paul Kehrerd527b302014-01-26 11:41:38 -0600[diff] [blame]285 :type: int
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]286
Alex Gaynor2a918742014-01-26 16:53:44 -0600[diff] [blame]287 The public modulus. Alias for :attr:`modulus`.
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]288
289 .. attribute:: e
290
291 :type: int
292
Alex Gaynor2a918742014-01-26 16:53:44 -0600[diff] [blame]293 The public exponent. Alias for :attr:`public_exponent`.
294
Paul Kehrerac423232014-01-25 14:13:09 -0600[diff] [blame]295
Mohammed Attia71acc672014-03-04 19:20:45 +0200[diff] [blame]296.. class:: DSAParameters
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]297
298 .. versionadded:: 0.3
299
300 `DSA`_ parameters.
301
302 .. attribute:: modulus
303
304 :type: int
305
Mohammed Attia7a1738a2014-03-04 19:17:24 +0200[diff] [blame]306 The prime modulus that is used in generating the DSA key pair and used
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]307 in the DSA signing and verification processes.
308
309 .. attribute:: subgroup_order
310
311 :type: int
312
Mohammed Attia7a1738a2014-03-04 19:17:24 +0200[diff] [blame]313 The subgroup order that is used in generating the DSA key pair
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]314 by the generator and used in the DSA signing and verification
315 processes.
316
317 .. attribute:: generator
318
319 :type: int
320
Mohammed Attiacb9a6c22014-03-04 04:16:35 +0200[diff] [blame]321 The generator that is used in generating the DSA key pair and used
Mohammed Attia7a1738a2014-03-04 19:17:24 +0200[diff] [blame]322 in the DSA signing and verification processes.
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]323
324 .. attribute:: p
325
326 :type: int
327
Mohammed Attia7a1738a2014-03-04 19:17:24 +0200[diff] [blame]328 The prime modulus that is used in generating the DSA key pair and used
Mohammed Attia70324512014-03-04 03:34:39 +0200[diff] [blame]329 in the DSA signing and verification processes. Alias for :attr:`modulus`.
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]330
331 .. attribute:: q
332
333 :type: int
334
Mohammed Attia7a1738a2014-03-04 19:17:24 +0200[diff] [blame]335 The subgroup order that is used in generating the DSA key pair
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]336 by the generator and used in the DSA signing and verification
Mohammed Attia70324512014-03-04 03:34:39 +0200[diff] [blame]337 processes. Alias for :attr:`subgroup_order`.
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]338
339 .. attribute:: g
340
341 :type: int
342
Mohammed Attiacb9a6c22014-03-04 04:16:35 +0200[diff] [blame]343 The generator that is used in generating the DSA key pair and used
Mohammed Attia70324512014-03-04 03:34:39 +0200[diff] [blame]344 in the DSA signing and verification processes. Alias for :attr:`generator`.
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]345
346
347.. class:: DSAPrivateKey
348
349 .. versionadded:: 0.3
350
Mohammed Attia7a1738a2014-03-04 19:17:24 +0200[diff] [blame]351 A `DSA`_ private key.
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]352
353 .. method:: public_key()
354
355 :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey`
356
357 An DSA public key object corresponding to the values of the private key.
358
359 .. method:: parameters()
360
Mohammed Attia71acc672014-03-04 19:20:45 +0200[diff] [blame]361 :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters`
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]362
Mohammed Attia71acc672014-03-04 19:20:45 +0200[diff] [blame]363 The DSAParameters object associated with this private key.
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]364
365 .. attribute:: key_size
366
367 :type: int
368
369 The bit length of the modulus.
370
371 .. attribute:: x
372
373 :type: int
374
375 The private key.
376
377 .. attribute:: y
378
379 :type: int
380
381 The public key.
382
383
384.. class:: DSAPublicKey
385
386 .. versionadded:: 0.3
387
Mohammed Attiaedacb142014-03-17 12:28:23 +0200[diff] [blame]388 A `DSA`_ public key.
389
390 .. attribute:: key_size
391
392 :type: int
393
394 The bit length of the modulus.
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]395
396 .. method:: parameters()
397
Mohammed Attia71acc672014-03-04 19:20:45 +0200[diff] [blame]398 :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters`
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]399
Mohammed Attia71acc672014-03-04 19:20:45 +0200[diff] [blame]400 The DSAParameters object associated with this public key.
Mohammed Attiab4167152014-03-04 03:29:56 +0200[diff] [blame]401
402 .. attribute:: y
403
404 :type: int
405
406 The public key.
407
408
Paul Kehrereda558c2014-02-17 21:18:13 -0600[diff] [blame]409.. class:: AsymmetricSignatureContext
Paul Kehrere0f0f342014-02-17 19:20:51 -0600[diff] [blame]410
411 .. versionadded:: 0.2
412
413 .. method:: update(data)
414
Paul Kehrereda558c2014-02-17 21:18:13 -0600[diff] [blame]415 :param bytes data: The data you want to sign.
Paul Kehrere0f0f342014-02-17 19:20:51 -0600[diff] [blame]416
417 .. method:: finalize()
418
419 :return bytes signature: The signature.
420
421
Paul Kehrer430202d2014-02-18 13:36:53 -0600[diff] [blame]422.. class:: AsymmetricVerificationContext
Paul Kehrere0f0f342014-02-17 19:20:51 -0600[diff] [blame]423
424 .. versionadded:: 0.2
425
426 .. method:: update(data)
427
Paul Kehrereda558c2014-02-17 21:18:13 -0600[diff] [blame]428 :param bytes data: The data you wish to verify using the signature.
Paul Kehrere0f0f342014-02-17 19:20:51 -0600[diff] [blame]429
Paul Kehrerdd3780a2014-02-18 13:17:53 -0600[diff] [blame]430 .. method:: verify()
Paul Kehrere0f0f342014-02-17 19:20:51 -0600[diff] [blame]431
Paul Kehrerfef1fbd2014-02-26 23:39:37 -0400[diff] [blame]432 :raises cryptography.exceptions.InvalidSignature: If the signature does
433 not validate.
Paul Kehrere0f0f342014-02-17 19:20:51 -0600[diff] [blame]434
435
436.. class:: AsymmetricPadding
437
Paul Kehrer19f32d52014-02-17 19:23:06 -0600[diff] [blame]438 .. versionadded:: 0.2
Paul Kehrere0f0f342014-02-17 19:20:51 -0600[diff] [blame]439
440 .. attribute:: name
441
Alex Stapletonc5fffd32014-03-18 15:29:00 +0000[diff] [blame]442Hash algorithms
Paul Kehrere51a2db2014-01-29 11:49:35 -0600[diff] [blame]443~~~~~~~~~~~~~~~
444
445.. class:: HashAlgorithm
446
Paul Kehrere51a2db2014-01-29 11:49:35 -0600[diff] [blame]447 .. attribute:: name
448
449 :type: str
450
Paul Kehrer4c75a8c2014-01-29 12:20:37 -0600[diff] [blame]451 The standard name for the hash algorithm, for example: ``"sha256"`` or
452 ``"whirlpool"``.
Paul Kehrere51a2db2014-01-29 11:49:35 -0600[diff] [blame]453
454 .. attribute:: digest_size
455
456 :type: int
457
458 The size of the resulting digest in bytes.
459
460 .. attribute:: block_size
461
462 :type: int
463
464 The internal block size of the hash algorithm in bytes.
465
466
Ayrxa0f98502014-04-15 19:17:03 +0800[diff] [blame]467.. class:: HashContext
468
469 .. attribute:: algorithm
470
471 A :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` that
472 will be used by this context.
473
474 .. method:: update(data)
475
476 :param data bytes: The data you want to hash.
477
478 .. method:: finalize()
479
480 :return: The final digest as bytes.
481
482 .. method:: copy()
483
484 :return: A :class:`~cryptography.hazmat.primitives.interfaces.HashContext`
485 that is a copy of the current context.
486
487
Alex Stapletonc5fffd32014-03-18 15:29:00 +0000[diff] [blame]488Key derivation functions
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]489~~~~~~~~~~~~~~~~~~~~~~~~
490
491.. class:: KeyDerivationFunction
492
Alex Gaynor8454c512014-01-28 07:01:54 -0800[diff] [blame]493 .. versionadded:: 0.2
494
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]495 .. method:: derive(key_material)
496
Alex Gaynor5484f722014-01-28 05:46:15 -0800[diff] [blame]497 :param key_material bytes: The input key material. Depending on what
498 key derivation function you are using this
499 could be either random material, or a user
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]500 supplied password.
Alex Gaynor5484f722014-01-28 05:46:15 -0800[diff] [blame]501 :return: The new key.
Alex Gaynore19e89f2014-01-28 06:58:43 -0800[diff] [blame]502 :raises cryptography.exceptions.AlreadyFinalized: This is raised when
503 :meth:`derive` or
504 :meth:`verify` is
505 called more than
506 once.
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]507
Alex Gaynor5484f722014-01-28 05:46:15 -0800[diff] [blame]508 This generates and returns a new key from the supplied key material.
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]509
510 .. method:: verify(key_material, expected_key)
511
Alex Gaynor5484f722014-01-28 05:46:15 -0800[diff] [blame]512 :param key_material bytes: The input key material. This is the same as
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]513 ``key_material`` in :meth:`derive`.
Alex Gaynor5484f722014-01-28 05:46:15 -0800[diff] [blame]514 :param expected_key bytes: The expected result of deriving a new key,
515 this is the same as the return value of
516 :meth:`derive`.
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]517 :raises cryptography.exceptions.InvalidKey: This is raised when the
518 derived key does not match
519 the expected key.
Alex Gaynore19e89f2014-01-28 06:58:43 -0800[diff] [blame]520 :raises cryptography.exceptions.AlreadyFinalized: This is raised when
521 :meth:`derive` or
522 :meth:`verify` is
523 called more than
524 once.
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]525
Alex Gaynor5484f722014-01-28 05:46:15 -0800[diff] [blame]526 This checks whether deriving a new key from the supplied
527 ``key_material`` generates the same key as the ``expected_key``, and
528 raises an exception if they do not match. This can be used for
529 something like checking whether a user's password attempt matches the
530 stored derived key.
Alex Gaynorb2774f52014-01-27 11:05:29 -0800[diff] [blame]531
Paul Kehrer8e9c9842014-02-13 12:23:27 -0600[diff] [blame]532.. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
533.. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem
Mohammed Attia604c78f2014-03-04 03:56:08 +0200[diff] [blame]534.. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm
Paul Kehrer01cdfb22014-04-15 11:27:03 -0400[diff] [blame^]535.. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
536.. _`at least 2048`: http://www.ecrypt.eu.org/documents/D.SPA.20.pdf