Module DSA
DSA public-key signature algorithm.
DSA is a widespread public-key signature algorithm. Its security is
based on the discrete logarithm problem (DLP). Given a cyclic
group, a generator g, and an element h, it is hard
to find an integer x such that g^x = h. The problem is believed
to be difficult, and it has been proved such (and therefore secure) for
more than 30 years.
The group is actually a sub-group over the integers modulo p, with p prime.
The sub-group order is q, which is prime too; it always holds that (p-1) is a multiple of q.
The cryptographic strength is linked to the magnitude of p and q.
The signer holds a value x (0<x<q-1) as private key, and its public
key (y where y=g^x mod p) is distributed.
In 2012, a sufficient size is deemed to be 2048 bits for p and 256 bits for q.
For more information, see the most recent ECRYPT report.
DSA is reasonably secure for new designs.
The algorithm can only be used for authentication (digital signature).
DSA cannot be used for confidentiality (encryption).
The values (p,q,g) are called domain parameters;
they are not sensitive but must be shared by both parties (the signer and the verifier).
Different signers can share the same domain parameters with no security
concerns.
The DSA signature is twice as big as the size of q (64 bytes if q is 256 bit
long).
This module provides facilities for generating new DSA keys and for constructing
them from known components. DSA keys allows you to perform basic signing and
verification.
>>> from Cryptodome.PublicKey import DSA
>>> from Cryptodome.Signature.DSS
>>> from Cryptodome.Hash import SHA256
>>>
>>> message = b"Hello"
>>> key = DSA.generate(2048)
>>> f = open("public_key.pem", "w")
>>> f.write(key.publickey().exportKey(key))
>>> hash_obj = SHA256.new(message)
>>> signer = DSS.new(key, 'fips-186-3')
>>> signature = key.sign(hash_obj)
>>> ...
>>> f = open("public_key.pem", "r")
>>> hash_obj = SHA256.new(message)
>>> pub_key = DSA.import_key(f.read())
>>> if pub_key.verify(hash_obj, signature):
>>> print "OK"
>>> else:
>>> print "Incorrect signature"
|
DsaKey
Class defining an actual DSA key.
|
|
generate(bits,
randfunc=None,
domain=None)
Generate a new DSA key pair. |
|
|
|
construct(tup,
consistency_check=True)
Construct a DSA key from a tuple of valid DSA components. |
|
|
|
import_key(extern_key,
passphrase=None)
Import a DSA key (public or private). |
|
|
generate(bits,
randfunc=None,
domain=None)
|
|
Generate a new DSA key pair.
The algorithm follows Appendix A.1/A.2 and B.1 of FIPS 186-4,
respectively for domain generation and key pair generation.
- Parameters:
bits (integer) - Key length, or size (in bits) of the DSA modulus p.
It must be 1024, 2048 or 3072.
randfunc (callable) - Random number generation function; it accepts a single integer N
and return a string of random data N bytes long.
If not specified, the default from Cryptodome.Random is used.
domain (list) - The DSA domain parameters p, q and g as a list of 3
integers. Size of p and q must comply to FIPS 186-4.
If not specified, the parameters are created anew.
- Returns:
- A DSA key object (DsaKey).
- Raises:
ValueError - When bits is too little, too big, or not a multiple of 64.
|
construct(tup,
consistency_check=True)
|
|
Construct a DSA key from a tuple of valid DSA components.
- Parameters:
- Returns:
- A DSA key object (DsaKey).
- Raises:
PublicKey.ValueError - When the key being imported fails the most basic DSA validity checks.
|
import_key(extern_key,
passphrase=None)
|
|
Import a DSA key (public or private).
- Parameters:
extern_key ((byte) string) - The DSA key to import.
An DSA public key can be in any of the following formats:
- X.509 certificate (binary or PEM format)
- X.509 subjectPublicKeyInfo (binary or PEM)
- OpenSSH (one line of text, see RFC4253)
A DSA private key can be in any of the following formats:
- PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo
DER SEQUENCE (binary or PEM encoding)
- OpenSSL/OpenSSH (binary or PEM)
For details about the PEM encoding, see RFC1421/RFC1423.
The private key may be encrypted by means of a certain pass phrase
either at the PEM level or at the PKCS#8 level.
passphrase (string) - In case of an encrypted private key, this is the pass phrase
from which the decryption key is derived.
- Returns:
- A DSA key object (DsaKey).
- Raises:
ValueError - When the given key cannot be parsed (possibly because
the pass phrase is wrong).
|