RSA

class pyflocker.ciphers.backends.cryptography_.RSA.RSAPrivateKey(n: int | None, e: int = 65537, _key: RSAPrivateKey | None = None)

Bases: BaseRSAPrivateKey

property p: int

First factor of RSA modulus.

property q: int

Second factor of RSA modulus.

property d: int

RSA private exponent.

property e: int

RSA public exponent.

property n: int

RSA public modulus.

The number n is such that n == p * q.

property key_size: int

Size of the key, in bits.

public_key() → RSAPublicKey

Creates a public key from the private key.

Returns:

The RSA public key.

decryptor(padding: BaseAsymmetricPadding | None = None) → DecryptorContext

Creates a decryption context.

Parameters:

padding – The padding to use. Default is OAEP.

Returns:

object for decrypting ciphertexts.

signer(padding: BaseAsymmetricPadding | None = None) → SignerContext

Create a signer context.

Parameters:

padding – The padding to use. Default is PSS.

Returns:

Signer object for signing messages.

Note

If the padding is PSS and salt_length is None, the salt length will be maximized, as in OpenSSL.

serialize(encoding: str = 'PEM', format: str = 'PKCS8', passphrase: bytes | None = None) → bytes

Serialize the private key.

Parameters:

• encoding – PEM or DER (defaults to PEM).

• format –

  The formats can be:

  • PKCS8 (default)

  • TraditionalOpenSSL

  • OpenSSH (available from pyca/cryptography version >=3.X)

  • PKCS1 (alias to TraditionalOpenSSL for Cryptodome compat)

• passphrase – A bytes-like object to protect the private key. If passphrase is None, the private key will be exported in the clear!

Returns:

The private key as a bytes object.

Raises:

ValueError – if the format or encoding is invalid or not supported.

classmethod load(data: bytes, passphrase: bytes | None = None) → RSAPrivateKey

Loads the private key as bytes object and returns the Key interface.

Parameters:

• data – The key as bytes object.

• passphrase – The passphrase that deserializes the private key. It must be a bytes-like object if the key was encrypted while serialization, otherwise None.

Returns:

RSA private key.

Raises:

ValueError – if the key could not be deserialized.

class pyflocker.ciphers.backends.cryptography_.RSA.RSAPublicKey(key: RSAPublicKey)

Bases: BaseRSAPublicKey

property e: int

RSA public exponent.

property n: int

RSA public modulus.

The number n is such that n = p * q.

property key_size: int

Size of the key, in bits.

encryptor(padding: BaseAsymmetricPadding | None = None) → EncryptorContext

Creates a encryption context.

Parameters:

padding – The padding to use. Defaults to OAEP.

Returns:

object for encrypting plaintexts.

verifier(padding: BaseAsymmetricPadding | None = None) → VerifierContext

Creates a verifier context.

Parameters:

padding – The padding to use. Defaults to PSS.

Returns:

verifier object for verification.

serialize(encoding: str = 'PEM', format: str = 'SubjectPublicKeyInfo') → bytes

Serialize the public key.

Parameters:

• encoding – PEM, DER or OpenSSH (defaults to PEM).

• format –

  The supported formats are:

  • SubjectPublicKeyInfo (default)

  • PKCS1

  • OpenSSH

Returns:

Serialized public key as bytes object.

Raises:

ValueError – if the encoding or format is incorrect or unsupported.

classmethod load(data: bytes) → RSAPublicKey

Loads the public key as bytes object and returns the Key interface.

Parameters:

data – The key as bytes object.

Returns:

The RSA public key.

Raises:

ValueError – if the key could not be deserialized.

class pyflocker.ciphers.backends.cryptography_.RSA.EncryptorContext(key: rsa.RSAPublicKey, padding: _padding.AsymmetricPadding)

Bases: BaseEncryptorContext

encrypt(plaintext: bytes) → bytes

Encrypts the plaintext and returns the ciphertext.

Parameters:

plaintext – The data to encrypt.

Returns:

encrypted bytes object.

class pyflocker.ciphers.backends.cryptography_.RSA.DecryptorContext(key: rsa.RSAPrivateKey, padding: _padding.AsymmetricPadding)

Bases: BaseDecryptorContext

decrypt(ciphertext: bytes) → bytes

Decrypts the ciphertext and returns the plaintext.

Parameters:

ciphertext – The ciphertext to decrypt.

Returns:

The plaintext.

Raises:

DecryptionError – if the decryption was not successful.

class pyflocker.ciphers.backends.cryptography_.RSA.SignerContext(key: rsa.RSAPrivateKey, padding: _padding.AsymmetricPadding)

Bases: BaseSignerContext

sign(msghash: BaseHash) → bytes

Return the signature of the message hash.

Parameters:

msghash – It must be a BaseHash object, used to digest the message to sign.

Returns:

signature of the message as bytes object.

class pyflocker.ciphers.backends.cryptography_.RSA.VerifierContext(key: rsa.RSAPublicKey, padding: _padding.AsymmetricPadding)

Bases: BaseVerifierContext

verify(msghash: BaseHash, signature: bytes) → None

Verifies the signature of the message hash.

Parameters:

• msghash – It must be a BaseHash object, used to digest the message to sign.

• signature – The signature of the message.

Raises:

SignatureError – if the signature was incorrect.

pyflocker.ciphers.backends.cryptography_.RSA.generate(bits: int, e: int = 65537) → RSAPrivateKey

Generate a private key with given key modulus bits and public exponent e (default 65537). Recommended size of bits > 1024.

Parameters:

• bits – The bit length of the RSA key.

• e – The public exponent value. Default is 65537.

Returns:

The RSA private key.

Return type:

RSAPrivateKey

pyflocker.ciphers.backends.cryptography_.RSA.load_public_key(data: bytes) → RSAPublicKey

Loads the public key and returns a Key interface.

Parameters:

data – The public key (a bytes-like object) to deserialize.

Returns:

The RSA public key.

Return type:

RSAPublicKey

pyflocker.ciphers.backends.cryptography_.RSA.load_private_key(data: bytes, passphrase: bytes | None = None) → RSAPrivateKey

Loads the private key and returns a Key interface.

Parameters:

• data – The private key (a bytes-like object) to deserialize.

• passphrase – The passphrase that was used to encrypt the private key. None if the private key is not encrypted.

Returns:

The RSA private key.

Return type:

RSAPrivateKey