M2Crypto Package¶
M2Crypto
Package¶
ASN1
Module¶
AuthCookie
Module¶
BIO
Module¶
BN
Module¶
DH
Module¶
DSA
Module¶
EC
Module¶
EVP
Module¶
-
class
M2Crypto.EVP.
Cipher
(alg: str, key: bytes, iv: bytes, op: object, key_as_bytes: int = 0, d: str = 'md5', salt: bytes = b'12345678', i: int = 1, padding: int = 1)[source]¶ Bases:
object
-
m2_cipher_ctx_free
()¶
-
-
class
M2Crypto.EVP.
HMAC
(key: bytes, algo: str = 'sha1')[source]¶ Bases:
object
-
digest
() → bytes¶
-
m2_hmac_ctx_free
()¶
-
-
class
M2Crypto.EVP.
MessageDigest
(algo: str)[source]¶ Bases:
object
Message Digest
-
digest
()¶
-
m2_md_ctx_free
()¶
-
-
class
M2Crypto.EVP.
PKey
(pkey: Optional[bytes] = None, _pyfree: int = 0, md: str = 'sha1')[source]¶ Bases:
object
Public Key
-
as_pem
(cipher: Optional[str] = 'aes_128_cbc', callback: Callable = <function passphrase_callback>) → bytes[source]¶ Return key in PEM format in a string.
- Parameters
cipher – Symmetric cipher to protect the key. The default cipher is
'aes_128_cbc'
. If cipher is None, then the key is saved in the clear.callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
-
assign_rsa
(rsa: M2Crypto.RSA.RSA, capture: int = 1) → int[source]¶ Assign the RSA key pair to self.
- Parameters
rsa – M2Crypto.RSA.RSA object to be assigned to self.
capture – If true (default), this PKey object will own the RSA object, meaning that once the PKey object gets deleted it is no longer safe to use the RSA object.
- Returns
Return 1 for success and 0 for failure.
-
digest_sign_update
(data: bytes) → None[source]¶ Feed data to digest signing operation.
- Parameters
data – Data to be signed.
-
digest_verify
()[source]¶ Return result of verification.
- Parameters
sign – Signature to use for verification
data – Data to be verified.
- Returns
Result of verification: 1 for success, 0 for failure, -1 on other error.
-
digest_verify_final
(sign: bytes) → int[source]¶ Feed data to digest verification operation.
- Parameters
sign – Signature to use for verification
- Returns
Result of verification: 1 for success, 0 for failure, -1 on other error.
-
digest_verify_update
(data: bytes) → int[source]¶ Feed data to verification operation.
- Parameters
data – Data to be verified.
- Returns
-1 on Python error, 1 for success, 0 for OpenSSL error
-
final
() → bytes¶ Return signature.
- Returns
The signature.
-
get_rsa
() → M2Crypto.RSA.RSA_pub[source]¶ Return the underlying RSA key if that is what the EVP instance is holding.
-
m2_md_ctx_free
()¶
-
m2_pkey_free
()¶
-
reset_context
(md: str = 'sha1') → None[source]¶ Reset internal message digest context.
- Parameters
md – The message digest algorithm.
-
save_key
(file: AnyStr, cipher: Optional[str] = 'aes_128_cbc', callback: Callable = <function passphrase_callback>) → int[source]¶ Save the key pair to a file in PEM format.
- Parameters
file – Name of file to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
-
save_key_bio
(bio: BIO.BIO, cipher: Optional[str] = 'aes_128_cbc', callback: Callable = <function passphrase_callback>) → int[source]¶ Save the key pair to the M2Crypto.BIO object ‘bio’ in PEM format.
- Parameters
bio – M2Crypto.BIO object to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
-
sign_update
(data: bytes) → None[source]¶ Feed data to signing operation.
- Parameters
data – Data to be signed.
-
update
(data: bytes) → None¶ Feed data to signing operation.
- Parameters
data – Data to be signed.
-
-
M2Crypto.EVP.
load_key
(file: AnyStr, callback: Callable = <function passphrase_callback>) → M2Crypto.EVP.PKey[source]¶ Load an M2Crypto.EVP.PKey from file.
- Parameters
file – Name of file containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns
M2Crypto.EVP.PKey object.
-
M2Crypto.EVP.
load_key_bio
(bio: BIO.BIO, callback: Callable = <function passphrase_callback>) → PKey[source]¶ Load an M2Crypto.EVP.PKey from an M2Crypto.BIO object.
- Parameters
bio – M2Crypto.BIO object containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns
M2Crypto.EVP.PKey object.
-
M2Crypto.EVP.
load_key_bio_pubkey
(bio: BIO.BIO, callback: Callable = <function passphrase_callback>) → PKey[source]¶ Load an M2Crypto.EVP.PKey from a public key as a M2Crypto.BIO object.
- Parameters
bio – M2Crypto.BIO object containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns
M2Crypto.EVP.PKey object.
-
M2Crypto.EVP.
load_key_pubkey
(file: AnyStr, callback: Callable = <function passphrase_callback>) → M2Crypto.EVP.PKey[source]¶ Load an M2Crypto.EVP.PKey from a public key as a file.
- Parameters
file – Name of file containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns
M2Crypto.EVP.PKey object.
-
M2Crypto.EVP.
load_key_string
(string: AnyStr, callback: Callable = <function passphrase_callback>) → M2Crypto.EVP.PKey[source]¶ Load an M2Crypto.EVP.PKey from a string.
- Parameters
string – String containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns
M2Crypto.EVP.PKey object.
-
M2Crypto.EVP.
load_key_string_pubkey
(string: AnyStr, callback: Callable = <function passphrase_callback>) → M2Crypto.EVP.PKey[source]¶ Load an M2Crypto.EVP.PKey from a public key as a string.
- Parameters
string – String containing the key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key.
- Returns
M2Crypto.EVP.PKey object.
-
M2Crypto.EVP.
pbkdf2
(password: bytes, salt: bytes, iter: int, keylen: int) → bytes[source]¶ Derive a key from password using PBKDF2 algorithm specified in RFC 2898.
- Parameters
password – Derive the key from this password.
salt – Salt.
iter – Number of iterations to perform.
keylen – Length of key to produce.
- Returns
Key.
Engine
Module¶
Err
Module¶
RC4
Module¶
RSA
Module¶
-
class
M2Crypto.RSA.
RSA
(rsa: bytes, _pyfree: int = 0)[source]¶ Bases:
object
RSA Key Pair.
-
as_pem
(cipher: Optional[str] = 'aes_128_cbc', callback: Callable = <function passphrase_callback>) → bytes[source]¶ Returns the key(pair) as a string in PEM format.
-
check_key
() → int[source]¶ Validate RSA keys.
It checks that p and q are in fact prime, and that n = p*q.
- Returns
returns 1 if rsa is a valid RSA key, and 0 otherwise. -1 is returned if an error occurs while checking the key. If the key is invalid or an error occurred, the reason code can be obtained using ERR_get_error(3).
-
m2_rsa_free
()¶
-
save_key
(file: AnyStr, cipher: Optional[str] = 'aes_128_cbc', callback: Callable = <function passphrase_callback>) → int[source]¶ Save the key pair to a file in PEM format.
- Parameters
file – Name of file to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
-
save_key_bio
(bio: BIO.BIO, cipher: Optional[str] = 'aes_128_cbc', callback: Callable = <function passphrase_callback>) → int[source]¶ Save the key pair to an M2Crypto.BIO.BIO object in PEM format.
- Parameters
bio – M2Crypto.BIO.BIO object to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
-
save_key_der
(file: AnyStr) → int[source]¶ Save the key pair to a file in DER format.
- Parameters
file – Filename to save key to
-
save_key_der_bio
(bio: BIO.BIO) → int[source]¶ Save the key pair to an M2Crypto.BIO.BIO object in DER format.
- Parameters
bio – M2Crypto.BIO.BIO object to save key to.
-
save_pem
(file: AnyStr, cipher: Optional[str] = 'aes_128_cbc', callback: Callable = <function passphrase_callback>) → int¶ Save the key pair to a file in PEM format.
- Parameters
file – Name of file to save key to.
cipher – Symmetric cipher to protect the key. The default cipher is ‘aes_128_cbc’. If cipher is None, then the key is saved in the clear.
callback – A Python callable object that is invoked to acquire a passphrase with which to protect the key. The default is util.passphrase_callback.
-
save_pub_key
(file: AnyStr) → int[source]¶ Save the public key to a file in PEM format.
- Parameters
file – Name of file to save key to.
-
save_pub_key_bio
(bio: BIO.BIO) → int[source]¶ Save the public key to an M2Crypto.BIO.BIO object in PEM format.
- Parameters
bio – M2Crypto.BIO.BIO object to save key to.
-
sign
(digest: bytes, algo: str = 'sha1') → bytes[source]¶ Signs a digest with the private key
- Parameters
digest – A digest created by using the digest method
algo – The method that created the digest. Legal values like ‘sha1’,’sha224’, ‘sha256’, ‘ripemd160’, and ‘md5’.
- Returns
a string which is the signature
-
sign_rsassa_pss
(digest: bytes, algo: str = 'sha1', salt_length: int = 20) → bytes[source]¶ Signs a digest with the private key using RSASSA-PSS
- Parameters
digest – A digest created by using the digest method
salt_length – The length of the salt to use
algo – The hash algorithm to use Legal values like ‘sha1’,’sha224’, ‘sha256’, ‘ripemd160’, and ‘md5’.
- Returns
a string which is the signature
-
verify
(data: bytes, signature: bytes, algo: str = 'sha1') → int[source]¶ Verifies the signature with the public key
- Parameters
data – Data that has been signed
signature – The signature signed with the private key
algo – The method use to create digest from the data before it was signed. Legal values like ‘sha1’,’sha224’, ‘sha256’, ‘ripemd160’, and ‘md5’.
- Returns
1 or 0, depending on whether the signature was verified or not.
-
verify_rsassa_pss
(data: bytes, signature: bytes, algo: str = 'sha1', salt_length: int = 20) → int[source]¶ Verifies the signature RSASSA-PSS
- Parameters
data – Data that has been signed
signature – The signature signed with RSASSA-PSS
salt_length – The length of the salt that was used
algo – The hash algorithm to use Legal values are for example ‘sha1’,’sha224’, ‘sha256’, ‘ripemd160’, and ‘md5’.
- Returns
1 or 0, depending on whether the signature was verified or not.
-
-
class
M2Crypto.RSA.
RSA_pub
(rsa: bytes, _pyfree: int = 0)[source]¶ Bases:
M2Crypto.RSA.RSA
Object interface to an RSA public key.
-
check_key
() → int[source]¶ Validate RSA keys.
It checks that p and q are in fact prime, and that n = p*q.
- Returns
returns 1 if rsa is a valid RSA key, and 0 otherwise. -1 is returned if an error occurs while checking the key. If the key is invalid or an error occurred, the reason code can be obtained using ERR_get_error(3).
-
-
M2Crypto.RSA.
gen_key
(bits: int, e: int, callback: Callable = <function keygen_callback>) → M2Crypto.RSA.RSA[source]¶ Generate an RSA key pair.
- Parameters
bits – Key length, in bits.
e – The RSA public exponent.
callback – A Python callable object that is invoked during key generation; its usual purpose is to provide visual feedback. The default callback is keygen_callback.
- Returns
M2Crypto.RSA.RSA object.
-
M2Crypto.RSA.
keygen_callback
(p: int, n: Any, out: IO[str] = <_io.TextIOWrapper name='<stdout>' mode='w' encoding='utf-8'>) → None[source]¶ Default callback for gen_key().
-
M2Crypto.RSA.
load_key
(file: AnyStr, callback: Callable = <function passphrase_callback>) → M2Crypto.RSA.RSA[source]¶ Load an RSA key pair from file.
- Parameters
file – Name of file containing RSA public key in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to unlock the key. The default is util.passphrase_callback.
- Returns
M2Crypto.RSA.RSA object.
-
M2Crypto.RSA.
load_key_bio
(bio: BIO.BIO, callback: Callable = <function passphrase_callback>) → RSA[source]¶ Load an RSA key pair from an M2Crypto.BIO.BIO object.
- Parameters
bio – M2Crypto.BIO.BIO object containing RSA key pair in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to unlock the key. The default is util.passphrase_callback.
- Returns
M2Crypto.RSA.RSA object.
-
M2Crypto.RSA.
load_key_string
(string: AnyStr, callback: Callable = <function passphrase_callback>) → M2Crypto.RSA.RSA[source]¶ Load an RSA key pair from a string.
- Parameters
string – String containing RSA key pair in PEM format.
callback – A Python callable object that is invoked to acquire a passphrase with which to unlock the key. The default is util.passphrase_callback.
- Returns
M2Crypto.RSA.RSA object.
-
M2Crypto.RSA.
load_pub_key
(file: AnyStr) → M2Crypto.RSA.RSA_pub[source]¶ Load an RSA public key from file.
- Parameters
file – Name of file containing RSA public key in PEM format.
- Returns
M2Crypto.RSA.RSA_pub object.
-
M2Crypto.RSA.
load_pub_key_bio
(bio: BIO.BIO) → RSA_pub[source]¶ Load an RSA public key from an M2Crypto.BIO.BIO object.
- Parameters
bio – M2Crypto.BIO.BIO object containing RSA public key in PEM format.
- Returns
M2Crypto.RSA.RSA_pub object.
-
M2Crypto.RSA.
new_pub_key
(e_n: Tuple[bytes, bytes]) → M2Crypto.RSA.RSA_pub[source]¶ Instantiate an RSA_pub object from an (e, n) tuple.
- Parameters
e – The RSA public exponent; it is a string in OpenSSL’s MPINT format - 4-byte big-endian bit-count followed by the appropriate number of bits.
n – The RSA composite of primes; it is a string in OpenSSL’s MPINT format - 4-byte big-endian bit-count followed by the appropriate number of bits.
- Returns
M2Crypto.RSA.RSA_pub object.