RSA¶
- class pyflocker.ciphers.backends.cryptodome_.RSA.RSAPrivateKey(n: int | None, e: int = 65537, _key: RsaKey | None = None)[source]¶
Bases:
BaseRSAPrivateKey
- decryptor(padding: BaseAsymmetricPadding | None = None) DecryptorContext [source]¶
Creates a decryption context.
- Parameters:
padding – The padding to use. Default is OAEP.
- Returns:
object for decrypting ciphertexts.
- signer(padding: BaseAsymmetricPadding | None = None) SignerContext [source]¶
Create a signer context.
- Parameters:
padding – The padding to use. Default is PSS.
- Returns:
Signer object for signing messages.
Note
If the padding is PSS and
salt_length
is None, the salt length will be maximized, as in OpenSSL.
- public_key() RSAPublicKey [source]¶
Creates a public key from the private key.
- Returns:
The RSA public key.
- serialize(encoding: str = 'PEM', format: str = 'PKCS8', passphrase: bytes | None = None, *, protection: str | None = None) bytes [source]¶
Serialize the private key.
- Parameters:
encoding – PEM or DER (defaults to PEM).
format – PKCS1 or PKCS8 (defaults to PKCS8).
passphrase – a bytes object to use for encrypting the private key. If
passphrase
is None, the private key will be exported in the clear!
- Keyword Arguments:
protection – The protection scheme to use. Supplying a value for protection has meaning only if the
format
is PKCS8. IfNone
is providedscryptAndAES256-CBC
is used as the protection scheme.- Returns:
Serialized key as a bytes object.
- Raises:
ValueError – If the encoding or format is incorrect or, if DER is used with PKCS1 or, protection value is supplied with PKCS1 format.
- classmethod load(data: bytes, passphrase: bytes | None = None) RSAPrivateKey [source]¶
Loads the private key as bytes object and returns the Key interface.
- Parameters:
data – The key as bytes object.
passphrase – The passphrase that deserializes the private key. It must be a bytes-like object if the key was encrypted while serialization, otherwise
None
.
- Returns:
RSA private key.
- Raises:
ValueError – if the key could not be deserialized.
- class pyflocker.ciphers.backends.cryptodome_.RSA.RSAPublicKey(key: RsaKey)[source]¶
Bases:
BaseRSAPublicKey
- encryptor(padding: BaseAsymmetricPadding | None = None) EncryptorContext [source]¶
Creates a encryption context.
- Parameters:
padding – The padding to use. Defaults to OAEP.
- Returns:
object for encrypting plaintexts.
- verifier(padding: BaseAsymmetricPadding | None = None) VerifierContext [source]¶
Creates a verifier context.
- Parameters:
padding – The padding to use. Defaults to PSS.
- Returns:
verifier object for verification.
- serialize(encoding: str = 'PEM', format: str = 'SubjectPublicKeyInfo') bytes [source]¶
Serialize the public key.
- Parameters:
encoding – PEM, DER or OpenSSH (defaults to PEM).
format –
The supported formats are:
SubjectPublicKeyInfo
OpenSSH
Note
format
argument is not actually used by Cryptodome. It is here to maintain compatibility with pyca/cryptography backend counterpart.
- Returns:
The serialized public key as bytes object.
- Raises:
ValueError – if the encoding or format is not supported or invalid, or OpenSSH encoding is not used with OpenSSH format.
- classmethod load(data: bytes) RSAPublicKey [source]¶
Loads the public key as
bytes
object and returns the Key interface.- Parameters:
data – The key as bytes object.
- Returns:
The RSA public key.
- Raises:
ValueError – if the key could not be deserialized.
- class pyflocker.ciphers.backends.cryptodome_.RSA.EncryptorContext(ctx: Any)[source]¶
Bases:
BaseEncryptorContext
- class pyflocker.ciphers.backends.cryptodome_.RSA.DecryptorContext(ctx: Any)[source]¶
Bases:
BaseDecryptorContext
- decrypt(plaintext: bytes) bytes [source]¶
Decrypts the ciphertext and returns the plaintext.
- Parameters:
ciphertext – The ciphertext to decrypt.
- Returns:
The plaintext.
- Raises:
DecryptionError – if the decryption was not successful.
- class pyflocker.ciphers.backends.cryptodome_.RSA.SignerContext(ctx: Any)[source]¶
Bases:
BaseSignerContext
- class pyflocker.ciphers.backends.cryptodome_.RSA.VerifierContext(ctx: Any)[source]¶
Bases:
BaseVerifierContext
- pyflocker.ciphers.backends.cryptodome_.RSA.generate(bits: int, e: int = 65537) RSAPrivateKey [source]¶
Generate a private key with given key modulus
bits
and public exponente
(default 65537). Recommended size ofbits
> 1024.- Parameters:
bits – The bit length of the RSA key.
e – The public exponent value. Default is 65537.
- Returns:
The RSA private key.
- pyflocker.ciphers.backends.cryptodome_.RSA.load_public_key(data: bytes) RSAPublicKey [source]¶
Loads the public key and returns a Key interface.
- Parameters:
data – The public key (a bytes-like object) to deserialize.
- Returns:
The RSA public key.
- pyflocker.ciphers.backends.cryptodome_.RSA.load_private_key(data: bytes, passphrase: bytes | None = None) RSAPrivateKey [source]¶
Loads the private key and returns a Key interface.
If the private key is not encrypted duting the serialization,
passphrase
must beNone
, otherwise it must be abytes
object.- Parameters:
data – The private key (a bytes-like object) to deserialize.
passphrase – The passphrase that is used to encrypt the private key.
None
if the private key is not encrypted.
- Returns:
The RSA private key.