o n~b."@sXddlZddlmZmZmZddlmZmZmZm Z GdddZ d ddZ d d Z dS) N)ceil_div bytes_to_long long_to_bytes) DerSequenceDerNullDerOctetString DerObjectIdc@s0eZdZdZddZddZddZdd Zd S) PKCS115_SigSchemezA signature object for ``RSASSA-PKCS1-v1_5``. Do not instantiate directly. Use :func:`Cryptodome.Signature.pkcs1_15.new`. cCs ||_dS)aInitialize this PKCS#1 v1.5 signature scheme object. :Parameters: rsa_key : an RSA key object Creation of signatures is only possible if this is a *private* RSA key. Verification of signatures is always possible. N)_key)selfrsa_keyr H/usr/local/lib/python3.10/dist-packages/Cryptodome/Signature/pkcs1_15.py__init__)s zPKCS115_SigScheme.__init__cCs |jS)z`_. :parameter msg_hash: This is an object from the :mod:`Cryptodome.Hash` package. It has been used to digest the message to sign. :type msg_hash: hash object :return: the signature encoded as a *byte string*. :raise ValueError: if the RSA key is not long enough for the given hash algorithm. :raise TypeError: if the RSA key has no private half. ) CryptodomeUtilnumbersizer nr_EMSA_PKCS1_V1_5_ENCODErZ_decryptr)r msg_hashmodBitskemem_intZm_int signaturer r rsign7s    zPKCS115_SigScheme.signc Cstjj|jj}t|d}t||krtdt |}|j |}t ||}z(t ||dg}z|j d} Wn tyBd} Ynw| sN|t ||dWn tyZtdw||vrctddS)a|Check if the PKCS#1 v1.5 signature over a message is valid. This function is also called ``RSASSA-PKCS1-V1_5-VERIFY`` and it is specified in `section 8.2.2 of RFC8037 `_. :parameter msg_hash: The hash that was carried out over the message. This is an object belonging to the :mod:`Cryptodome.Hash` module. :type parameter: hash object :parameter signature: The signature that needs to be validated. :type signature: byte string :raise ValueError: if the signature is not valid. rzInvalid signatureTz1.2.840.113549.2.FN)rrrrr rrlen ValueErrorrZ_encryptrroid startswithAttributeErrorappend) r rrrrZ signature_intrZem1Z possible_em1Zalgorithm_is_mdr r rverifyVs.      zPKCS115_SigScheme.verifyN)__name__ __module__ __qualname____doc__rrrr%r r r rr #s   r TcCstt|jg}|r|tt|}t||g}|t|dkr6t dt|d|t|d}d|d|S)a Implement the ``EMSA-PKCS1-V1_5-ENCODE`` function, as defined in PKCS#1 v2.1 (RFC3447, 9.2). ``_EMSA-PKCS1-V1_5-ENCODE`` actually accepts the message ``M`` as input, and hash it internally. Here, we expect that the message has already been hashed instead. :Parameters: msg_hash : hash object The hash object that holds the digest of the message being signed. emLen : int The length the final encoding must have, in bytes. with_hash_parameters : bool If True (default), include NULL parameters for the hash algorithm in the ``digestAlgorithm`` SEQUENCE. :attention: the early standard (RFC2313) stated that ``DigestInfo`` had to be BER-encoded. This means that old signatures might have length tags in indefinite form, which is not supported in DER. Such encoding cannot be reproduced by this function. :Return: An ``emLen`` byte long string that encodes the hash. z9Selected hash algorithm has a too long digest (%d bytes).s) rrr!encoder$rrdigestr TypeError)rZemLenZwith_hash_parametersZ digestAlgor/Z digestInfoZPSr r rrs2 rcCst|S)aCreate a signature object for creating or verifying PKCS#1 v1.5 signatures. :parameter rsa_key: The RSA key to use for signing or verifying the message. This is a :class:`Cryptodome.PublicKey.RSA` object. Signing is only possible when ``rsa_key`` is a **private** RSA key. :type rsa_key: RSA object :return: a :class:`PKCS115_SigScheme` signature object )r )r r r rnews r1)T) ZCryptodome.Util.numberrrrrZCryptodome.Util.asn1rrrrr rr1r r r rs  j D