�
Bd\Rc@s�dZd
Z
ddgZddlZddlmZ
ddlmZmZm	Z	
ddl
Tddd	��YZd
�Zd�Z
dS(
sr
RSA digital signature protocol according to PKCS#1 v1.5

See RFC3447__ or the `original RSA Labs specification`__.

This scheme is more properly called ``RSASSA-PKCS1-v1_5``.

For example, a sender may authenticate a message using SHA-1 like
this:

        >>> from Crypto.Signature import PKCS1_v1_5
        >>> from Crypto.Hash import SHA
        >>> from Crypto.PublicKey import RSA
        >>>
        >>> message = 'To be signed'
        >>> key = RSA.importKey(open('privkey.der').read())
        >>> h = SHA.new(message)
        >>> signer = PKCS1_v1_5.new(key)
        >>> signature = signer.sign(h)

At the receiver side, verification can be done using the public part of
the RSA key:

        >>> key = RSA.importKey(open('pubkey.der').read())
        >>> h = SHA.new(message)
        >>> verifier = PKCS1_v1_5.new(key)
        >>> if verifier.verify(h, signature):
        >>>    print "The signature is authentic."
        >>> else:
        >>>    print "The signature is not authentic."

:undocumented: __revision__, __package__

.. __: http://www.ietf.org/rfc/rfc3447.txt
.. __: http://www.rsa.com/rsalabs/node.asp?id=2125
s$Id$tnewtPKCS115_SigSchemei����N(
tceil_div(tDerSequencetDerNulltDerOctetString(
t
*c
Bs2eZ
dZd
�Zd�Zd�Zd�ZRS(sLThis signature scheme can perform PKCS#1 v1.5 RSA signature or verification.cCs
|
|_d
S(s
Initialize this PKCS#1 v1.5 signature scheme object.
        
        :Parameters:
         key : an RSA key object
          If a private half is given, both signature and verification are possible.
          If a public half is given, only verification is possible.
        N(
t_key(tselftkey((sN/opt/alt/python27/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_v1_5.pyt__init__Gsc


Cs
|jj
�S(
sCReturn True if this cipher object can be used for signing messages.(Rthas_private(
R((sN/opt/alt/python27/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_v1_5.pytcan_signQscCsmtj
jj|jj�
}t|d
�}t|
|�}|jj|�
}t	d�
|t
|�
|}|S(szProduce the PKCS#1 v1.5 signature of a message.
    
        This function is named ``RSASSA-PKCS1-V1_5-SIGN``, and is specified in
        section 8.2.1 of RFC3447.
    
        :Parameters:
         mhash : hash object
                The hash that was carried out over the message. This is an object
                belonging to the `Crypto.Hash` module.
    
        :Return: The signature encoded as a string.
        :Raise ValueError:
            If the RSA key length is not sufficiently long to deal with the given
            hash algorithm.
        :Raise TypeError:
            If the RSA key has no private half.
        ii(tCryptotUtiltnumbertsizeRt
nRtEMSA_PKCS1_V1_5_ENCODEtdecrypttbchrtlen(RtmhashtmodBitst
ktemt
mt
S((sN/opt/alt/python27/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_v1_5.pytsignUs

cCs�tj
jj|jj�
}t|d
�}t|�
|kr@dS|jj|d�d}t	d�
|t|�
|}yt
|
|�}Wntk
r�


dSX||kS(s�Verify that a certain PKCS#1 v1.5 signature is authentic.
    
        This function checks if the party holding the private half of the key
        really signed the message.
    
        This function is named ``RSASSA-PKCS1-V1_5-VERIFY``, and is specified in
        section 8.2.2 of RFC3447.
    
        :Parameters:
         mhash : hash object
                The hash that was carried out over the message. This is an object
                belonging to the `Crypto.Hash` module.
         S : string
                The signature that needs to be validated.
    
        :Return: True if verification is correct. False otherwise.
        ii(R
RRRRRRRtencryptRRt
ValueError(RRRRRRtem1tem2((sN/opt/alt/python27/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_v1_5.pytverifyus





(t__name__t
__module__t__doc__R
RRR!(((sN/opt/alt/python27/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_v1_5.pyR
Ds

	
		 cCs�t|j
t�j�g�
}t|j��
}t|j�|j�g�
j�}|
t|�
d
kr�tdt|�
�
�
ntd�
|
t|�
d}t	d�
|td�
|S(s@
    Implement the ``EMSA-PKCS1-V1_5-ENCODE`` function, as defined
    in PKCS#1 v2.1 (RFC3447, 9.2).

    ``EMSA-PKCS1-V1_5-ENCODE`` actually accepts the message ``M`` as input,
    and hash it internally. Here, we expect that the message has already
    been hashed instead.

    :Parameters:
     hash : hash object
            The hash object that holds the digest of the message being signed.
     emLen : int
            The length the final encoding must have, in bytes.

    :attention: the early standard (RFC2313) stated that ``DigestInfo``
        had to be BER-encoded. This means that old signatures
        might have length tags in indefinite form, which
        is not supported in DER. Such encoding cannot be
        reproduced by this function.

    :attention: the same standard defined ``DigestAlgorithm`` to be
        of ``AlgorithmIdentifier`` type, where the PARAMETERS
        item is optional. Encodings for ``MD2/4/5`` without
        ``PARAMETERS`` cannot be reproduced by this function.

    :Return: An ``emLen`` byte long string that encodes the hash.
    is8Selected hash algorith has a too long digest (%d bytes).i�it
i(
RtoidRtencodeRtdigestRRRt
b(thashtemLent
digestAlgoR(t
digestInfotPS((sN/opt/alt/python27/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_v1_5.pyR�s0


	



c

Cs
t|�
S(
sH
Return a signature scheme object `PKCS115_SigScheme` that
    can be used to perform PKCS#1 v1.5 signature or verification.

    :Parameters:
     key : RSA key object
      The key to use to sign or verify the message. This is a `Crypto.PublicKey.RSA` object.
      Signing is only possible if *key* is a private RSA key.

    (
R
(
R	((sN/opt/alt/python27/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_v1_5.pyR�s
((R$t__revision__t__all__tCrypto.Util.numberR
RtCrypto.Util.asn1RRRtCrypto.Util.py3compatR
RR(((sN/opt/alt/python27/lib64/python2.7/site-packages/Crypto/Signature/PKCS1_v1_5.pyt<module>:s




_	>