Merge pull request #982 from reaperhulk/dsa-verify

DSA verification

2 files changed, 73 insertions, 3 deletions

diff --git a/docs/hazmat/primitives/asymmetric/dsa.rst b/docs/hazmat/primitives/asymmetric/dsa.rst
index 2819bbdb..03e476b6 100644
--- a/docs/hazmat/primitives/asymmetric/dsa.rst
+++ b/docs/hazmat/primitives/asymmetric/dsa.rst
@@ -118,6 +118,55 @@ DSA
                         ``subgroup_order``, ``generator``, or ``y``
                         do not match the bounds specified in `FIPS 186-4`_.
 
+    .. method:: verifier(signature, algorithm, backend)
+
+        .. versionadded:: 0.4
+
+        Verify data was signed by the private key associated with this public
+        key.
+
+        .. code-block:: pycon
+
+            >>> from cryptography.hazmat.backends import default_backend
+            >>> from cryptography.hazmat.primitives import hashes
+            >>> from cryptography.hazmat.primitives.asymmetric import dsa
+            >>> parameters = dsa.DSAParameters.generate(
+            ...     key_size=1024,
+            ...     backend=default_backend()
+            ... )
+            >>> private_key = dsa.DSAPrivateKey.generate(
+            ...     parameters=parameters,
+            ...     backend=default_backend()
+            ... )
+            >>> signer = private_key.signer(
+            ...     hashes.SHA256(),
+            ...     default_backend()
+            ... )
+            >>> data = b"this is some data I'd like to sign"
+            >>> signer.update(data)
+            >>> signature = signer.finalize()
+            >>> public_key = private_key.public_key()
+            >>> verifier = public_key.verifier(
+            ...     signature,
+            ...     hashes.SHA256(),
+            ...     default_backend()
+            ... )
+            >>> verifier.update(data)
+            >>> verifier.verify()
+
+        :param bytes signature: The signature to verify. DER encoded as
+            specified in :rfc:`6979`.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :param backend: A
+            :class:`~cryptography.hazmat.backends.interfaces.DSABackend`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
 
 .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm
 .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index c76582c0..feafe941 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -412,17 +412,38 @@ Asymmetric interfaces
 
         The bit length of the modulus.
 
+    .. attribute:: y
+
+        :type: int
+
+        The public key.
+
     .. method:: parameters()
 
         :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters`
 
         The DSAParameters object associated with this public key.
 
-    .. attribute:: y
+    .. method:: verifier(signature, algorithm, backend)
 
-        :type: int
+        .. versionadded:: 0.4
 
-        The public key.
+        Verify data was signed by the private key associated with this public
+        key.
+
+        :param bytes signature: The signature to verify. DER encoded as
+            specified in :rfc:`6979`.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :param backend: A
+            :class:`~cryptography.hazmat.backends.interfaces.DSABackend`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
 
 
 .. class:: AsymmetricSignatureContext