In the process, we add a "randfunc" parameter to
- Crypto.Cipher.PKCS1_OAEP.new()
- Crypto.Cipher.PKCS1_v1_5.new()
- Crypto.Signature.PKCS1_PSS.new()
to set the PRNG used by each algorithm.
Previously, the PRNG was taken from the RSA key itself.
This patch forces the user to explicitly assert
that no validation of the X.509 certificate will be
done when importing an RSA key.
In other words, public keys can only be imported in the following way:
>>> cert_data = open("cert.pem", "rb").read()
>>> key = RSA.importKey(cert_data, verify_x509_cert=False)
Not passing the parameter "verify_x509_cert" will raise an exception.
This patch does a few things to simplify the public key classes
(RSA, DSA and ElGamal):
* It removes the Crypto.PublicKey.pubkey module. The 3 classes
do not have an ancestor anymore.
* Methods sign(), verify(), encrypt(), and decrypt() are removed.
* Methods blind() and unblind() are removed.
* Methods can_sign() and can_encrypt() are removed.
* The 3 classes cannot be pickled anymore.
When the various components are assembled into an RSA,
DSA or ElGamal key via the construct() method, we must verify
as much as possible if the result is indeed a valid key.
This patch adds methods importKey() to DSA module
and exportKey() to _DSAobj object.
Public and private keys can be imported/exported
in a variety of formats:
* DER vs PEM
* PKCS#8 vs OpenSSL vs OpenSSH/OpenSSL
* Encrypted vs clear
2013-07-14 21:16:46 -07:00
Renamed from lib/Crypto/SelfTest/PublicKey/test_importKey.py (Browse further)
