Package Crypto :: Package PublicKey :: Module DSA :: Class _DSAobj

Class _DSAobj

pubkey.pubkey --+
                |
               _DSAobj

Class defining an actual DSA key.

Instance Methods

__init__(self, implementation, key)

sign(self, M, K)
Sign a piece of data with DSA.

verify(self, M, signature)
Verify the validity of a DSA signature.

has_private(self)
Tell if the key object contains private components.

size(self)
Tell the maximum number of bits that can be handled by this key.

can_blind(self)
Tell if the algorithm can deal with data blinding.

can_encrypt(self)
Tell if the algorithm can deal with data encryption.

can_sign(self)
Tell if the algorithm can deal with cryptographic signatures.

publickey(self)
Construct a new key carrying only the public information.

Inherited from pubkey.pubkey: blind, decrypt, encrypt, unblind

Class Variables
	keydata = `['y', 'g', 'p', 'q', 'x']` Dictionary of DSA parameters.

Method Details

init(self, implementation, key)
(Constructor)

Overrides: pubkey.pubkey.__init__

sign(self, M, K)

Sign a piece of data with DSA.

Parameters:

M (byte string or long) - The piece of data to sign with DSA. It may not be longer in bit size than the sub-group order (q).
K (long (recommended) or byte string (not recommended)) - A secret number, chosen randomly in the closed range [1,q-1].

Returns:

A tuple with 2 longs.

Overrides: pubkey.pubkey.sign

Attention:

selection of K is crucial for security. Generating a random number larger than q and taking the modulus by q is not secure, since smaller values will occur more frequently. Generating a random number systematically smaller than q-1 (e.g. floor((q-1)/8) random bytes) is also not secure. In general, it shall not be possible for an attacker to know the value of any bit of K.
The number K shall not be reused for any other operation and shall be discarded immediately.
M must be a digest cryptographic hash, otherwise an attacker may mount an existential forgery attack.

verify(self, M, signature)

Verify the validity of a DSA signature.

Parameters:

M (byte string or long) - The expected message.
signature (A tuple with 2 longs as return by sign) - The DSA signature to verify.

Returns:

True if the signature is correct, False otherwise.

Overrides: pubkey.pubkey.verify

has_private(self)

Tell if the key object contains private components.

Returns:: bool
Overrides: pubkey.pubkey.has_private: (inherited documentation)

size(self)

Tell the maximum number of bits that can be handled by this key.

Returns:: int
Overrides: pubkey.pubkey.size: (inherited documentation)

can_blind(self)

Tell if the algorithm can deal with data blinding.

This property concerns the algorithm, not the key itself. It may happen that this particular key object hasn't got the private information required carry out blinding.

Returns:: boolean
Overrides: pubkey.pubkey.can_blind: (inherited documentation)

can_encrypt(self)

Tell if the algorithm can deal with data encryption.

This property concerns the algorithm, not the key itself. It may happen that this particular key object hasn't got the private information required to decrypt data.

Returns:: boolean
Overrides: pubkey.pubkey.can_encrypt: (inherited documentation)

can_sign(self)

Tell if the algorithm can deal with cryptographic signatures.

This property concerns the algorithm, not the key itself. It may happen that this particular key object hasn't got the private information required to generate a signature.

Returns:: boolean
Overrides: pubkey.pubkey.can_sign: (inherited documentation)

publickey(self)

Construct a new key carrying only the public information.

Returns:: A new pubkey object.
Overrides: pubkey.pubkey.publickey: (inherited documentation)

Class Variable Details

keydata

Dictionary of DSA parameters.

A public key will only have the following entries:

y, the public key.

g, the generator.

p, the modulus.

q, the order of the sub-group.

A private key will also have:

x, the private key.

Value:

['y', 'g', 'p', 'q', 'x']