diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2017-05-10 23:11:30 -0400 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-05-10 22:11:30 -0500 |
| commit | 5ca9946a5ae87ceedc4b6f2744b9300e957c8a98 (patch) | |
| tree | 578edda39ca9d7a6b290f376ebb21f4961a199a6 /docs/hazmat/primitives/asymmetric | |
| parent | 92f570eabe713653e5fe2dc9ba666493df047ccb (diff) | |
| download | cryptography-5ca9946a5ae87ceedc4b6f2744b9300e957c8a98.tar.gz cryptography-5ca9946a5ae87ceedc4b6f2744b9300e957c8a98.tar.bz2 cryptography-5ca9946a5ae87ceedc4b6f2744b9300e957c8a98.zip | |
Fixes #3538 -- Make our OpenSSL EC verifier's implementation match the API (#3539)
* Document our real API for EC verification, not an accident
* formatting consistency
* fix the code itself
* fixed class name
* fixed a test too
Diffstat (limited to 'docs/hazmat/primitives/asymmetric')
| -rw-r--r-- | docs/hazmat/primitives/asymmetric/ec.rst | 33 |
1 files changed, 19 insertions, 14 deletions
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst index 56e2e0ec..3c595fac 100644 --- a/docs/hazmat/primitives/asymmetric/ec.rst +++ b/docs/hazmat/primitives/asymmetric/ec.rst @@ -78,20 +78,24 @@ Elliptic Curve Signature Algorithms :func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_dss_signature`. - Verification requires the public key, the signature itself, the signed data, and knowledge of the hashing algorithm that was used when producing the signature: + Verification requires the public key, the signature itself, the signed + data, and knowledge of the hashing algorithm that was used when producing + the signature: >>> public_key = private_key.public_key() >>> verifier = public_key.verifier(signature, ec.ECDSA(hashes.SHA256())) >>> verifier.update(b"this is some data I'd like") >>> verifier.update(b" to sign") >>> verifier.verify() - True - The last call will either return ``True`` or raise an :class:`~cryptography.exceptions.InvalidSignature` exception. + If the signature is not valid, an + :class:`~cryptography.exceptions.InvalidSignature` exception will be raised. .. note:: - Although in this case the public key was derived from the private one, in a typical setting you will not possess the private key. The `Key loading`_ section explains how to load the public key from other sources. - + Although in this case the public key was derived from the private one, + in a typical setting you will not possess the private key. The + `Key loading`_ section explains how to load the public key from other + sources. .. class:: EllipticCurvePrivateNumbers(private_value, public_numbers) @@ -589,7 +593,7 @@ This sample demonstrates how to generate a private key and serialize it. ... encoding=serialization.Encoding.PEM, ... format=serialization.PrivateFormat.PKCS8, ... encryption_algorithm=serialization.BestAvailableEncryption(b'testpassword') - ... ) + ... ) >>> serialized_private.splitlines()[0] '-----BEGIN ENCRYPTED PRIVATE KEY-----' @@ -605,7 +609,7 @@ The public key is serialized as follows: >>> serialized_public = public_key.public_bytes( ... encoding=serialization.Encoding.PEM, ... format=serialization.PublicFormat.SubjectPublicKeyInfo - ... ) + ... ) >>> serialized_public.splitlines()[0] '-----BEGIN PUBLIC KEY-----' @@ -622,15 +626,16 @@ in PEM format. .. doctest:: >>> loaded_public_key = serialization.load_pem_public_key( - ... serialized_public, - ... backend=default_backend() - ... ) + ... serialized_public, + ... backend=default_backend() + ... ) >>> loaded_private_key = serialization.load_pem_private_key( - ... serialized_private, - ... password=b'testpassword', # or password=None, if in plain text - ... backend=default_backend() - ... ) + ... serialized_private, + ... # or password=None, if in plain text + ... password=b'testpassword', + ... backend=default_backend() + ... ) .. _`FIPS 186-3`: http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf |