diff options
Diffstat (limited to 'rsa/pkcs1.py')
-rw-r--r-- | rsa/pkcs1.py | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/rsa/pkcs1.py b/rsa/pkcs1.py index 7612b27..b81629e 100644 --- a/rsa/pkcs1.py +++ b/rsa/pkcs1.py @@ -31,7 +31,7 @@ SUCH INFORMATION to your users. import hashlib import os -from rsa import common, transform, core +from rsa import common, transform, core, varblock # ASN.1 codes that describe the hash algorithm used. HASH_ASN1 = { @@ -224,7 +224,9 @@ def sign(message, priv_key, hash): Hashes the message, then signs the hash with the given key. This is known as a "detached signature", because the message itself isn't altered. - :param message: the message to sign + :param message: the message to sign. Can be an 8-bit string or a file-like + object. If ``message`` has a ``read()`` method, it is assumed to be a + file-like object. :param priv_key: the :py:class:`rsa.PrivateKey` to sign with :param hash: the hash method used on the message. Use 'MD5', 'SHA-1', 'SHA-256', 'SHA-384' or 'SHA-512'. @@ -258,7 +260,9 @@ def verify(message, signature, pub_key): The hash method is detected automatically from the signature. - :param message: the signed message + :param message: the signed message. Can be an 8-bit string or a file-like + object. If ``message`` has a ``read()`` method, it is assumed to be a + file-like object. :param signature: the signature block, as created with ``sign(...)``. :param pub_key: the :py:class:`rsa.PublicKey` of the person signing the message. :raise VerificationError: when the signature doesn't match the message. @@ -289,14 +293,30 @@ def verify(message, signature, pub_key): raise VerificationError('Verification failed') def _hash(message, method_name): - '''Returns the message digest.''' + '''Returns the message digest. + + :param message: the signed message. Can be an 8-bit string or a file-like + object. If ``message`` has a ``read()`` method, it is assumed to be a + file-like object. + :param method_name: the hash method, must be a key of + :py:const:`HASH_METHODS`. + + ''' if method_name not in HASH_METHODS: raise ValueError('Invalid hash method: %s' % method_name) method = HASH_METHODS[method_name] hasher = method() - hasher.update(message) + + if hasattr(message, 'read') and hasattr(message.read, '__call__'): + # read as 1K blocks + for block in varblock.yield_fixedblocks(message, 1024): + hasher.update(block) + else: + # hash the message object itself. + hasher.update(message) + return hasher.digest() |