1 " lz Jj"Tʂ ^)F }Y$ # -*- coding: utf-8 -*- # # Cipher/PKCS1_OAEP.py : PKCS#1 OAEP # # =================================================================== # The contents of this file are dedicated to the public domain. To # the extent that dedication to the public domain is not available, # everyone is granted a worldwide, perpetual, royalty-free, # non-exclusive license to exercise all rights associated with the # contents of this file for any purpose whatsoever. # No rights are reserved. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS # BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN # ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. # =================================================================== """RSA encryption protocol according to PKCS#1 OAEP See RFC3447__ or the `original RSA Labs specification`__ . This scheme is more properly called ``RSAES-OAEP``. As an example, a sender may encrypt a message in this way: >>> from Crypto.Cipher import PKCS1_OAEP >>> from Crypto.PublicKey import RSA >>> >>> message = 'To be encrypted' >>> key = RSA.importKey(open('pubkey.der').read()) >>> cipher = PKCS1_OAEP.new(key) >>> ciphertext = cipher.encrypt(message) At the receiver side, decryption can be done using the private part of the RSA key: >>> key = RSA.importKey(open('privkey.der').read()) >>> cipher = PKCS1_OAP.new(key) >>> message = cipher.decrypt(ciphertext) :undocumented: __revision__, __package__ .. __: http://www.ietf.org/rfc/rfc3447.txt .. __: http://www.rsa.com/rsalabs/node.asp?id=2125. """ from __future__ import nested_scopes __revision__ = "$Id$" __all__ = [ 'new', 'PKCS1OAEP_Cipher' ] import Crypto.Signature.PKCS1_PSS import Crypto.Hash.SHA from Crypto.Util.py3compat import * import Crypto.Util.number from Crypto.Util.number import ceil_div from Crypto.Util.strxor import strxor class PKCS1OAEP_Cipher: """This cipher can perform PKCS#1 v1.5 OAEP encryption or decryption.""" def __init__(self, key, hashAlgo, mgfunc, label): """Initialize this PKCS#1 OAEP cipher object. :Parameters: key : an RSA key object If a private half is given, both encryption and decryption are possible. If a public half is given, only encryption is possible. hashAlgo : hash object The hash function to use. This can be a module under `Crypto.Hash` or an existing hash object created from any of such modules. If not specified, `Crypto.Hash.SHA` (that is, SHA-1) is used. mgfunc : callable A mask generation function that accepts two parameters: a string to use as seed, and the lenth of the mask to generate, in bytes. If not specified, the standard MGF1 is used (a safe choice). label : string A label to apply to this particular encryption. If not specified, an empty string is used. Specifying a label does not improve security. :attention: Modify the mask generation function only if you know what you are doing. Sender and receiver must use the same one. """ self._key = key if hashAlgo: self._hashObj = hashAlgo else: self._hashObj = Crypto.Hash.SHA if mgfunc: self._mgf = mgfunc else: self._mgf = lambda x,y: Crypto.Signature.PKCS1_PSS.MGF1(x,y,self._hashObj) self._label = label def can_encrypt(self): """Return True/1 if this cipher object can be used for encryption.""" return self._key.can_encrypt() def