Package Crypto :: Package Cipher :: Module PKCS1_v1_5

Module PKCS1_v1_5

RSA encryption protocol according to PKCS#1 v1.5

See RFC3447 or the original RSA Labs specification .

This scheme is more properly called RSAES-PKCS1-v1_5.

If you are designing a new protocol, consider using the more robust PKCS#1 OAEP.

As an example, a sender may encrypt a message in this way:

>>> from Crypto.Cipher import PKCS1_v1_5
>>> from Crypto.PublicKey import RSA
>>> from Crypto.Hash import SHA
>>>
>>> message = 'To be encrypted'
>>> h = SHA.new(message)
>>>
>>> key = RSA.importKey(open('pubkey.der').read())
>>> cipher = PKCS1_v1_5.new(key)
>>> ciphertext = cipher.encrypt(message+h.digest())

At the receiver side, decryption can be done using the private part of the RSA key:

>>> From Crypto.Hash import SHA
>>> from Crypto import Random
>>>
>>> key = RSA.importKey(open('privkey.der').read())
>>>
>>> dsize = SHA.digest_size
>>> sentinel = Random.new().read(15+dsize)      # Let's assume that average data length is 15
>>>
>>> cipher = PKCS1_v1_5.new(key)
>>> message = cipher.decrypt(ciphertext, sentinel)
>>>
>>> digest = SHA.new(message[:-dsize]).digest()
>>> if digest==message[-dsize:]:                # Note how we DO NOT look for the sentinel
>>>     print "Encryption was correct."
>>> else:
>>>     print "Encryption was not correct."

Classes
	PKCS115_Cipher This cipher can perform PKCS#1 v1.5 RSA encryption or decryption.

Functions

new(key)
Return a cipher object PKCS115_Cipher that can be used to perform PKCS#1 v1.5 encryption or decryption.

Function Details

new(key)

Return a cipher object PKCS115_Cipher that can be used to perform PKCS#1 v1.5 encryption or decryption.

Parameters:

key (RSA key object) - The key to use to encrypt or decrypt the message. This is a Crypto.PublicKey.RSA object. Decryption is only possible if key is a private RSA key.