4 files changed, 121 insertions, 0 deletions

diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py
index b867f26a..a543ba1f 100644
--- a/cryptography/hazmat/backends/interfaces.py
+++ b/cryptography/hazmat/backends/interfaces.py
@@ -90,3 +90,18 @@ class RSABackend(six.with_metaclass(abc.ABCMeta)):
         Generate an RSAPrivateKey instance with public_exponent and a modulus
         of key_size bits.
         """
+
+    @abc.abstractmethod
+    def create_rsa_signature_ctx(self, private_key, padding, algorithm):
+        """
+        Returns an object conforming to the AsymmetricSignatureContext
+        interface.
+        """
+
+    @abc.abstractmethod
+    def create_rsa_verification_ctx(self, public_key, signature, padding,
+                                    algorithm):
+        """
+        Returns an object conforming to the AsymmetricVerificationContext
+        interface.
+        """
diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py
index 5ef469d0..11696160 100644
--- a/cryptography/hazmat/primitives/interfaces.py
+++ b/cryptography/hazmat/primitives/interfaces.py
@@ -287,6 +287,43 @@ class RSAPublicKey(six.with_metaclass(abc.ABCMeta)):
         """
 
 
+class AsymmetricSignatureContext(six.with_metaclass(abc.ABCMeta)):
+    @abc.abstractmethod
+    def update(self, data):
+        """
+        Processes the provided bytes and returns nothing.
+        """
+
+    @abc.abstractmethod
+    def finalize(self):
+        """
+        Returns the signature as bytes.
+        """
+
+
+class AsymmetricVerificationContext(six.with_metaclass(abc.ABCMeta)):
+    @abc.abstractmethod
+    def update(self, data):
+        """
+        Processes the provided bytes and returns nothing.
+        """
+
+    @abc.abstractmethod
+    def verify(self):
+        """
+        Raises an exception if the bytes provided to update do not match the
+        signature or the signature does not match the public key.
+        """
+
+
+class AsymmetricPadding(six.with_metaclass(abc.ABCMeta)):
+    @abc.abstractproperty
+    def name(self):
+        """
+        A string naming this padding (e.g. "PSS", "PKCS1").
+        """
+
+
 class KeyDerivationFunction(six.with_metaclass(abc.ABCMeta)):
     @abc.abstractmethod
     def derive(self, key_material):
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index e6bf8f69..bd38ed50 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst
@@ -212,3 +212,39 @@ A specific ``backend`` may provide one or more of these interfaces.
             provider.
 
         :raises ValueError: If the public_exponent is not valid.
+
+    .. method:: create_rsa_signature_ctx(private_key, padding, algorithm)
+
+        :param private_key: An instance of an
+            :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey`
+            provider.
+
+        :param padding: An instance of an
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
+            provider.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
+
+    .. method:: create_rsa_verification_ctx(public_key, signature, padding, algorithm)
+
+        :param public_key: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey`
+            provider.
+
+        :param bytes signature: The signature to verify.
+
+        :param padding: An instance of an
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
+            provider.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index df17e59d..5be3dd95 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -231,6 +231,39 @@ Asymmetric Interfaces
         The public exponent. Alias for :attr:`public_exponent`.
 
 
+.. class:: AsymmetricSignatureContext
+
+    .. versionadded:: 0.2
+
+    .. method:: update(data)
+
+        :param bytes data: The data you want to sign.
+
+    .. method:: finalize()
+
+        :return bytes signature: The signature.
+
+
+.. class:: AsymmetricVerificationContext
+
+    .. versionadded:: 0.2
+
+    .. method:: update(data)
+
+        :param bytes data: The data you wish to verify using the signature.
+
+    .. method:: verify()
+
+        :raises cryptography.exceptions.InvalidSignature: If signature does not
+            validate.
+
+
+.. class:: AsymmetricPadding
+
+    .. versionadded:: 0.2
+
+    .. attribute:: name
+
 Hash Algorithms
 ~~~~~~~~~~~~~~~