diff options
Diffstat (limited to 'docs/hazmat')
| -rw-r--r-- | docs/hazmat/primitives/asymmetric/rsa.rst | 43 | ||||
| -rw-r--r-- | docs/hazmat/primitives/interfaces.rst | 112 | ||||
| -rw-r--r-- | docs/hazmat/primitives/key-derivation-functions.rst | 2 | ||||
| -rw-r--r-- | docs/hazmat/primitives/twofactor.rst | 14 |
4 files changed, 162 insertions, 9 deletions
diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 682820b3..7943981e 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -111,6 +111,49 @@ RSA or ``modulus`` do not match the bounds specified in :rfc:`3447`. + .. method:: verifier(signature, padding, algorithm, backend) + + .. versionadded:: 0.3 + + Verify data was signed by the private key associated with this public + key. + + .. doctest:: + + >>> from cryptography.hazmat.backends import default_backend + >>> from cryptography.hazmat.primitives import hashes + >>> from cryptography.hazmat.primitives.asymmetric import rsa, padding + >>> private_key = rsa.RSAPrivateKey.generate( + ... public_exponent=65537, + ... key_size=2048, + ... backend=default_backend() + ... ) + >>> signer = private_key.signer(padding.PKCS1v15(), hashes.SHA256(), default_backend()) + >>> data= b"this is some data I'd like to sign" + >>> signer.update(data) + >>> signature = signer.finalize() + >>> public_key = private_key.public_key() + >>> verifier = public_key.verifier(signature, padding.PKCS1v15(), hashes.SHA256(), default_backend()) + >>> verifier.update(data) + >>> verifier.verify() + + :param bytes signature: The signature to verify. + + :param padding: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding` + provider. + + :param algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + + :returns: + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` + .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography .. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 5be3dd95..cc2a3000 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -231,6 +231,113 @@ Asymmetric Interfaces The public exponent. Alias for :attr:`public_exponent`. +.. class:: DSAParameters + + .. versionadded:: 0.3 + + `DSA`_ parameters. + + .. attribute:: modulus + + :type: int + + The prime modulus that is used in generating the DSA key pair and used + in the DSA signing and verification processes. + + .. attribute:: subgroup_order + + :type: int + + The subgroup order that is used in generating the DSA key pair + by the generator and used in the DSA signing and verification + processes. + + .. attribute:: generator + + :type: int + + The generator that is used in generating the DSA key pair and used + in the DSA signing and verification processes. + + .. attribute:: p + + :type: int + + The prime modulus that is used in generating the DSA key pair and used + in the DSA signing and verification processes. Alias for :attr:`modulus`. + + .. attribute:: q + + :type: int + + The subgroup order that is used in generating the DSA key pair + by the generator and used in the DSA signing and verification + processes. Alias for :attr:`subgroup_order`. + + .. attribute:: g + + :type: int + + The generator that is used in generating the DSA key pair and used + in the DSA signing and verification processes. Alias for :attr:`generator`. + + +.. class:: DSAPrivateKey + + .. versionadded:: 0.3 + + A `DSA`_ private key. + + .. method:: public_key() + + :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` + + An DSA public key object corresponding to the values of the private key. + + .. method:: parameters() + + :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters` + + The DSAParameters object associated with this private key. + + .. attribute:: key_size + + :type: int + + The bit length of the modulus. + + .. attribute:: x + + :type: int + + The private key. + + .. attribute:: y + + :type: int + + The public key. + + +.. class:: DSAPublicKey + + .. versionadded:: 0.3 + + A `DSA`_ private key. + + .. method:: parameters() + + :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters` + + The DSAParameters object associated with this public key. + + .. attribute:: y + + :type: int + + The public key. + + .. class:: AsymmetricSignatureContext .. versionadded:: 0.2 @@ -254,8 +361,8 @@ Asymmetric Interfaces .. method:: verify() - :raises cryptography.exceptions.InvalidSignature: If signature does not - validate. + :raises cryptography.exceptions.InvalidSignature: If the signature does + not validate. .. class:: AsymmetricPadding @@ -335,3 +442,4 @@ Key Derivation Functions .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem +.. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst index d8a0e241..851dbb0b 100644 --- a/docs/hazmat/primitives/key-derivation-functions.rst +++ b/docs/hazmat/primitives/key-derivation-functions.rst @@ -179,7 +179,7 @@ Different KDFs are suitable for different tasks such as: :param bytes info: Application specific context information. If ``None`` is explicitly passed an empty byte string will be used. - :params backend: A + :param backend: A :class:`~cryptography.hazmat.backends.interfaces.HMACBackend` provider. diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst index 3df1a147..3912d483 100644 --- a/docs/hazmat/primitives/twofactor.rst +++ b/docs/hazmat/primitives/twofactor.rst @@ -47,10 +47,11 @@ codes (HMAC). provider. :raises ValueError: This is raised if the provided ``key`` is shorter than 128 bits or if the ``length`` parameter is not 6, 7 or 8. - :raises UnsupportedAlgorithm: This is raised if the provided ``algorithm`` - is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, + :raises TypeError: This is raised if the provided ``algorithm`` is not + :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or - :class:`~cryptography.hazmat.primitives.hashes.SHA512()`. + :class:`~cryptography.hazmat.primitives.hashes.SHA512()` or if the + ``length`` parameter is not an integer. .. method:: generate(counter) @@ -142,10 +143,11 @@ similar to the following code. provider. :raises ValueError: This is raised if the provided ``key`` is shorter than 128 bits or if the ``length`` parameter is not 6, 7 or 8. - :raises UnsupportedAlgorithm: This is raised if the provided ``algorithm`` - is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, + :raises TypeError: This is raised if the provided ``algorithm`` is not + :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or - :class:`~cryptography.hazmat.primitives.hashes.SHA512()`. + :class:`~cryptography.hazmat.primitives.hashes.SHA512()` or if the + ``length`` parameter is not an integer. .. method:: generate(time) |