1 files changed, 25 insertions, 5 deletions

diff --git a/rsa/pkcs1.py b/rsa/pkcs1.py
index 7612b27..b81629e 100644
--- a/rsa/pkcs1.py
+++ b/rsa/pkcs1.py
@@ -31,7 +31,7 @@ SUCH INFORMATION to your users.
 import hashlib
 import os
 
-from rsa import common, transform, core
+from rsa import common, transform, core, varblock
 
 # ASN.1 codes that describe the hash algorithm used.
 HASH_ASN1 = {
@@ -224,7 +224,9 @@ def sign(message, priv_key, hash):
     Hashes the message, then signs the hash with the given key. This is known
     as a "detached signature", because the message itself isn't altered.
     
-    :param message: the message to sign
+    :param message: the message to sign. Can be an 8-bit string or a file-like
+        object. If ``message`` has a ``read()`` method, it is assumed to be a
+        file-like object.
     :param priv_key: the :py:class:`rsa.PrivateKey` to sign with
     :param hash: the hash method used on the message. Use 'MD5', 'SHA-1',
         'SHA-256', 'SHA-384' or 'SHA-512'.
@@ -258,7 +260,9 @@ def verify(message, signature, pub_key):
     
     The hash method is detected automatically from the signature.
     
-    :param message: the signed message
+    :param message: the signed message. Can be an 8-bit string or a file-like
+        object. If ``message`` has a ``read()`` method, it is assumed to be a
+        file-like object.
     :param signature: the signature block, as created with ``sign(...)``.
     :param pub_key: the :py:class:`rsa.PublicKey` of the person signing the message.
     :raise VerificationError: when the signature doesn't match the message.
@@ -289,14 +293,30 @@ def verify(message, signature, pub_key):
         raise VerificationError('Verification failed')
 
 def _hash(message, method_name):
-    '''Returns the message digest.'''
+    '''Returns the message digest.
+    
+    :param message: the signed message. Can be an 8-bit string or a file-like
+        object. If ``message`` has a ``read()`` method, it is assumed to be a
+        file-like object.
+    :param method_name: the hash method, must be a key of
+        :py:const:`HASH_METHODS`.
+    
+    '''
 
     if method_name not in HASH_METHODS:
         raise ValueError('Invalid hash method: %s' % method_name)
     
     method = HASH_METHODS[method_name]
     hasher = method()
-    hasher.update(message)
+
+    if hasattr(message, 'read') and hasattr(message.read, '__call__'):
+        # read as 1K blocks
+        for block in varblock.yield_fixedblocks(message, 1024):
+            hasher.update(block)
+    else:
+        # hash the message object itself.
+        hasher.update(message)
+
     return hasher.digest()