In the process, we add a "randfunc" parameter to
- Crypto.Cipher.PKCS1_OAEP.new()
- Crypto.Cipher.PKCS1_v1_5.new()
- Crypto.Signature.PKCS1_PSS.new()
to set the PRNG used by each algorithm.
Previously, the PRNG was taken from the RSA key itself.
This patch forces the user to explicitly assert
that no validation of the X.509 certificate will be
done when importing an RSA key.
In other words, public keys can only be imported in the following way:
>>> cert_data = open("cert.pem", "rb").read()
>>> key = RSA.importKey(cert_data, verify_x509_cert=False)
Not passing the parameter "verify_x509_cert" will raise an exception.
This patch does a few things to simplify the public key classes
(RSA, DSA and ElGamal):
* It removes the Crypto.PublicKey.pubkey module. The 3 classes
do not have an ancestor anymore.
* Methods sign(), verify(), encrypt(), and decrypt() are removed.
* Methods blind() and unblind() are removed.
* Methods can_sign() and can_encrypt() are removed.
* The 3 classes cannot be pickled anymore.
When the various components are assembled into an RSA,
DSA or ElGamal key via the construct() method, we must verify
as much as possible if the result is indeed a valid key.
The patch contains the following changes:
- Private RSA keys can be imported/exported in encrypted form,
protected according to PKCS#8 and:
* PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC
* PBKDF2WithHMAC-SHA1AndAES128-CBC
* PBKDF2WithHMAC-SHA1AndAES192-CBC
* PBKDF2WithHMAC-SHA1AndAES256-CBC
In addition to that, it is possible to import keys in the
following weak formats:
* pbeWithMD5AndDES-CBC
* pbeWithSHA1AndRC2-CBC
* pbeWithMD5AndRC2-CBC
* pbeWithSHA1AndDES-CBC
- The following new modules (and 1 new package) are added:
* Crypto.Util.Padding for simple padding/unpadding logic
* Crypto.IO._PBES for PBE-related PKCS#5 logic
* Crypto.IO.PEM for PEM wrapping/unwrapping
* Crypto.IO.PKCS8 for PKCS#8 wrapping/unwrapping
- All Object IDs (OIDs) are now in dotted form to increase
readability.
- Add AES support to PEM format (decode only).
The PEM module can decrypt messages protected with AES-CBC.
- Update RSA import test cases.
- Updated to PKCS8 test cases
The bug is at: https://bugs.launchpad.net/pycrypto/+bug/702835
When importing a DER RSA private key, u (that is, p^{-1} mod q) must be
computed manually. RSA.importKey() also raises a more descriptive exception in
case of an unknown key format.
Conflicts:
lib/Crypto/PublicKey/RSA.py
Small fix to importKey documentation (ASN.1 structure names were
incorrect for public keys).
Factors of an RSA private key are computed from private exponent d
(both slowmath and fastmath).
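
The two commit messages above mention computing u = p^{-1} mod q on import and computing the factors of a private key from d. The sketch below is an added example, not PyCrypto's own code: it recovers p and q from (n, e, d), checks the components for consistency, and derives u. The function names, the range of trial bases, the p < q ordering and the small sample key are assumptions made for the example.

```python
from math import gcd


def factor_from_d(n, e, d):
    """Return (p, q) with p < q for an RSA modulus n, given matching e and d."""
    ktot = e * d - 1                  # a multiple of lcm(p-1, q-1) for a valid key
    if ktot <= 0 or ktot % 2:
        raise ValueError("e*d - 1 must be positive and even")
    t = ktot
    while t % 2 == 0:                 # write ktot = t * 2^s with t odd
        t //= 2
    for a in range(2, 200, 2):        # fixed small bases; the bound is an assumption
        k = t
        while k < ktot:
            cand = pow(a, k, n)
            # A square root of 1 other than 1 and n-1 shares a factor with n.
            if cand not in (1, n - 1) and pow(cand, 2, n) == 1:
                p = gcd(cand + 1, n)
                q = n // p
                if 1 < p < n and p * q == n:
                    return (min(p, q), max(p, q))
            k *= 2
    raise ValueError("could not factor n from d; components are inconsistent")


def complete_private_key(n, e, d):
    """Rebuild p, q and u from (n, e, d), rejecting inconsistent components."""
    p, q = factor_from_d(n, e, d)
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    if (e * d) % lam != 1:
        raise ValueError("e and d are not inverses modulo lcm(p-1, q-1)")
    u = pow(p, -1, q)                 # CRT coefficient p^{-1} mod q (Python 3.8+)
    return {"n": n, "e": e, "d": d, "p": p, "q": q, "u": u}


# Constructed toy key (n = 53 * 61); far too small for real use.
SAMPLE = complete_private_key(3233, 17, 2753)
```

The checks shown do not include primality tests on p and q, which a full validation of assembled key components would also need.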