pylibressl.rsa

RSA signing and encryption.

Contains routines to sign/verify, encrypt/decrypt messages using RSA and a wrapper class to store RSA keypair. Also it supports generation of RSA keys with custom length and exponent. Note that only keys in PEM format are supported.

Signing example:

>>> from pylibressl.rsa import RSAKeypair, RSASign_SHA512
>>>
>>> privkey = open('private_key.pem', 'rb').read()
>>> keypair = RSAKeypair(private_key=privkey)
>>> signer = RSASign_SHA512(keypair)
>>>
>>> message = b'Example message. 1234567890'
>>> signature = signer.sign(message)
>>>
>>> if signer.verify(message, signature):
...     print('Signature is ok')
>>> else:
...     print('Signature is NOT ok!!!')

Cipher example:

>>> from pylibressl.rsa import RSAKeypair, RSACrypt_AES256
>>>
>>> privkey = open('private_key.pem', 'rb').read()
>>> keypair = RSAKeypair(private_key=privkey)
>>> rsacrypt = RSACrypt_AES256(keypair)
>>>
>>> message = b'Example message. 1234567890'
>>> enc_message, session_key, iv = rsacrypt.encrypt(message)
>>> decoded_message = rsacrypt.decrypt(enc_message, session_key, iv)
>>> assert decoded_message == message

Package Contents

Classes

RSAKeypair

RSA keypair container.

RSASign

RSA signing class.

RSACrypt

RSA en/decryption class.

Functions

public_from_private(private_key)

Derive public key from private one.

generate_rsa_key(bits=2048, exponent=65537)

Generate RSA key.

Attributes

RSASign_SHA512

RSACrypt_AES256

class pylibressl.rsa.RSAKeypair(public_key=None, private_key=None)

Bases: object

RSA keypair container.

_set_one_key(self, key, is_public)
_set_pkey(self, public_key, private_key)
has_private_key(self)

Returns True if private key is present in keypair.

key_size(self)

Get key size (actually, modulus length) in bytes.

pylibressl.rsa.public_from_private(private_key)

Derive public key from private one.

class pylibressl.rsa.RSASign(rsa_keypair)

Bases: object

RSA signing class.

classmethod new(cls, digest_type, name='NewRSASign')

Create new RSA signing class.

sign(self, message)

Sign a message with RSA.

verify(self, message, signature)

Verify signed message with RSA.

pylibressl.rsa.RSASign_SHA512
class pylibressl.rsa.RSACrypt(keypair)

Bases: object

RSA en/decryption class.

classmethod new(cls, symmetric_cipher, name='NewRSACrypt')

Create new RSA cipher class.

encrypt(self, data)
decrypt(self, data, session_key, iv)
pylibressl.rsa.RSACrypt_AES256
pylibressl.rsa.generate_rsa_key(bits=2048, exponent=65537)

Generate RSA key.

Parameters

  • bits – key length in bits

  • exponent – exponent value, should be odd

Returns

private key bytestring in PEM format