Commit f92eaca2 authored by Tristan Seligmann's avatar Tristan Seligmann

Import python-cryptography_1.5.orig.tar.gz

parent b11e8dd6
......@@ -29,3 +29,5 @@ PGP key fingerprints are enclosed in parentheses.
* Phoebe Queen <foibey@gmail.com> (10D4 7741 AB65 50F4 B264 3888 DA40 201A 072B C1FA)
* Google Inc.
* Amaury Forgeot d'Arc <amauryfa@google.com>
* Dirkjan Ochtman <dirkjan@ochtman.nl> (25BB BAC1 13C1 BFD5 AA59 4A4C 9F96 B929 3038 0381)
* Maximilian Hils <max@maximilianhils.com>
Changelog
=========
1.5 - 2016-08-26
~~~~~~~~~~~~~~~~
* Added
:func:`~cryptography.hazmat.primitives.asymmetric.padding.calculate_max_pss_salt_length`.
* Added "one shot"
:meth:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey.sign`
and
:meth:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey.verify`
methods to DSA keys.
* Added "one shot"
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign`
and
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify`
methods to ECDSA keys.
* Switched back to the older callback model on Python 3.5 in order to mitigate
the locking callback problem with OpenSSL <1.1.0.
* :class:`~cryptography.x509.CertificateBuilder`,
:class:`~cryptography.x509.CertificateRevocationListBuilder`, and
:class:`~cryptography.x509.RevokedCertificateBuilder` now accept timezone
aware ``datetime`` objects as method arguments
* ``cryptography`` now supports OpenSSL 1.1.0 as a compilation target.
1.4 - 2016-06-04
~~~~~~~~~~~~~~~~
......
Metadata-Version: 1.1
Name: cryptography
Version: 1.4
Version: 1.5
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
......
......@@ -126,6 +126,11 @@ should begin with the "Hazardous Materials" warning:
.. hazmat::
Always prefer terminology that is most broadly accepted. For example:
* When referring to class instances use "an instance of ``Foo``"
instead of "a ``Foo`` provider".
When referring to a hypothetical individual (such as "a person receiving an
encrypted message") use gender neutral pronouns (they/them/their).
......
......@@ -76,6 +76,7 @@ Post-release tasks
* Update the version number to the next major (e.g. ``0.5.dev1``) in
``cryptography/__about__.py`` and
``vectors/cryptography_vectors/__about__.py``.
* Close the `milestone`_ for the previous release on GitHub.
* Add new :doc:`/changelog` entry with next version and note that it is under
active development
* Send a pull request with these items
......@@ -85,5 +86,6 @@ Post-release tasks
* Send an email to the `mailing list`_ and `python-announce`_ announcing the
release.
.. _`milestone`: https://github.com/pyca/cryptography/milestones
.. _`mailing list`: https://mail.python.org/mailman/listinfo/cryptography-dev
.. _`python-announce`: https://mail.python.org/mailman/listinfo/python-announce-list
......@@ -40,8 +40,8 @@ If you have no other libraries using OpenSSL in your process, or they do not
appear to be at fault, it's possible that this is a bug in ``cryptography``.
Please file an `issue`_ with instructions on how to reproduce it.
Importing cryptography causes a ``RuntimeError`` about OpenSSL 0.9.8
--------------------------------------------------------------------
Installing cryptography with OpenSSL 0.9.8 fails
------------------------------------------------
The OpenSSL project has dropped support for the 0.9.8 release series. Since it
is no longer receiving security patches from upstream, ``cryptography`` is also
......@@ -49,9 +49,9 @@ dropping support for it. To fix this issue you should upgrade to a newer
version of OpenSSL (1.0.1 or later). This may require you to upgrade to a newer
operating system.
For the 1.4 release, you can set the ``CRYPTOGRAPHY_ALLOW_OPENSSL_098``
environment variable. Please note that this is *temporary* and will be removed
in ``cryptography`` 1.5.
In ``cryptography`` 1.4, you can set the ``CRYPTOGRAPHY_ALLOW_OPENSSL_098``
environment variable. Please note that this is *temporary* and is removed in
``cryptography`` 1.5.
.. _`NaCl`: https://nacl.cr.yp.to/
.. _`PyNaCl`: https://pynacl.readthedocs.io
......
This diff is collapsed.
......@@ -3,9 +3,8 @@
OpenSSL backend
===============
The `OpenSSL`_ C library. Cryptography supports version ``0.9.8e`` (present in
Red Hat Enterprise Linux 5) and greater. Earlier versions may work but are
**not tested or supported**.
The `OpenSSL`_ C library. Cryptography supports OpenSSL version ``1.0.0`` and
greater.
.. data:: cryptography.hazmat.backends.openssl.backend
......
......@@ -6,8 +6,7 @@ OpenSSL binding
.. currentmodule:: cryptography.hazmat.bindings.openssl.binding
These are `CFFI`_ bindings to the `OpenSSL`_ C library. Cryptography supports
version ``0.9.8e`` (present in Red Hat Enterprise Linux 5) and greater. Earlier
versions may work but are **not tested or supported**.
OpenSSL version ``1.0.0`` and greater.
.. class:: cryptography.hazmat.bindings.openssl.binding.Binding()
......
......@@ -82,9 +82,8 @@ Key interfaces
Generate a DH private key. This method can be used to generate many
new private keys from a single set of parameters.
:return: A
:class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey`
provider.
:return: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey`.
.. class:: DHParametersWithSerialization
......
......@@ -24,12 +24,11 @@ Generation
specified in FIPS 186-3 and are still restricted to only the
1024-bit keys specified in FIPS 186-2.
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
:return: A :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
provider.
:return: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`.
:raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if
the provided ``backend`` does not implement
......@@ -41,19 +40,18 @@ Generation
Generate DSA parameters using the provided ``backend``.
:param int key_size: The length of the modulus in bits. It should be
either 1024, 2048 or 3072. For keys generated in 2015 this should
be `at least 2048`_ (See page 41). Note that some applications
:param int key_size: The length of :attr:`~DSAParameterNumbers.q`. It
should be either 1024, 2048 or 3072. For keys generated in 2015 this
should be `at least 2048`_ (See page 41). Note that some applications
(such as SSH) have not yet gained support for larger key sizes
specified in FIPS 186-3 and are still restricted to only the
1024-bit keys specified in FIPS 186-2.
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
:return: A :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`
provider.
:return: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`.
:raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if
the provided ``backend`` does not implement
......@@ -63,7 +61,7 @@ Signing
~~~~~~~
Using a :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
provider.
instance.
.. doctest::
......@@ -79,6 +77,16 @@ provider.
>>> signer.update(data)
>>> signature = signer.finalize()
There is a shortcut to sign sufficiently short messages directly:
.. doctest::
>>> data = b"this is some data I'd like to sign"
>>> signature = private_key.sign(
... data,
... hashes.SHA256()
... )
The ``signature`` is a ``bytes`` object, whose contents is DER encoded as
described in :rfc:`3279`. This can be decoded using
:func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_dss_signature`.
......@@ -87,7 +95,7 @@ Verification
~~~~~~~~~~~~
Verification is performed using a
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` provider.
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` instance.
You can get a public key object with
:func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`,
:func:`~cryptography.hazmat.primitives.serialization.load_der_public_key`,
......@@ -102,6 +110,16 @@ You can get a public key object with
>>> verifier.update(data)
>>> verifier.verify()
There is a shortcut to verify sufficiently short messages directly:
.. doctest::
>>> public_key.verify(
... signature,
... data,
... hashes.SHA256()
... )
``verifier()`` takes the signature in the same format as is returned by
``signer.finalize()``.
......@@ -137,13 +155,11 @@ Numbers
.. method:: parameters(backend)
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
:returns: A new instance of a
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`
provider.
:returns: A new instance of
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`.
.. class:: DSAPublicNumbers(y, parameter_numbers)
......@@ -166,13 +182,11 @@ Numbers
.. method:: public_key(backend)
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
:returns: A new instance of a
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`
provider.
:returns: A new instance of
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`.
.. class:: DSAPrivateNumbers(x, public_numbers)
......@@ -200,13 +214,11 @@ Numbers
.. method:: private_key(backend)
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
:returns: A new instance of a
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
provider.
:returns: A new instance of
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`.
Key interfaces
~~~~~~~~~~~~~~
......@@ -224,9 +236,8 @@ Key interfaces
Generate a DSA private key. This method can be used to generate many
new private keys from a single set of parameters.
:return: A
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
provider.
:return: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`.
.. class:: DSAParametersWithNumbers
......@@ -272,13 +283,11 @@ Key interfaces
The signature is formatted as DER-encoded bytes, as specified in
:rfc:`3279`.
:param algorithm: An instance of a
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
provider.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
:returns:
:class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext`
......@@ -287,7 +296,21 @@ Key interfaces
:type: int
The bit length of the modulus.
The bit length of :attr:`~DSAParameterNumbers.q`.
.. method:: sign(data, algorithm)
.. versionadded:: 1.5
Sign one block of data which can be verified later by others using the
public key.
:param bytes data: The message string to sign.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:return bytes: Signature.
.. class:: DSAPrivateKeyWithSerialization
......@@ -344,7 +367,7 @@ Key interfaces
:type: int
The bit length of the modulus.
The bit length of :attr:`~DSAParameterNumbers.q`.
.. method:: parameters()
......@@ -362,13 +385,11 @@ Key interfaces
:param bytes signature: The signature to verify. DER encoded as
specified in :rfc:`3279`.
:param algorithm: An instance of a
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
provider.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
:returns:
:class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext`
......@@ -400,6 +421,23 @@ Key interfaces
:return bytes: Serialized key.
.. method:: verify(signature, data, algorithm)
.. versionadded:: 1.5
Verify one block of data was signed by the private key
associated with this public key.
:param bytes signature: The signature to verify.
:param bytes data: The message string that was signed.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:raises cryptography.exceptions.InvalidSignature: If the signature does
not validate.
.. class:: DSAPublicKeyWithSerialization
......
......@@ -12,13 +12,12 @@ Elliptic curve cryptography
Generate a new private key on ``curve`` for use with ``backend``.
:param curve: A :class:`EllipticCurve` provider.
:param curve: An instance of :class:`EllipticCurve`.
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`.
:returns: A new instance of a :class:`EllipticCurvePrivateKey` provider.
:returns: A new instance of :class:`EllipticCurvePrivateKey`.
Elliptic Curve Signature Algorithms
......@@ -31,9 +30,8 @@ Elliptic Curve Signature Algorithms
The ECDSA signature algorithm first standardized in NIST publication
`FIPS 186-3`_, and later in `FIPS 186-4`_.
:param algorithm: An instance of a
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
provider.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
.. doctest::
......@@ -48,6 +46,16 @@ Elliptic Curve Signature Algorithms
>>> signer.update(b" to sign")
>>> signature = signer.finalize()
There is a shortcut to sign sufficiently short messages directly:
.. doctest::
>>> data = b"this is some data I'd like to sign"
>>> signature = private_key.sign(
... data,
... ec.ECDSA(hashes.SHA256())
... )
The ``signature`` is a ``bytes`` object, whose contents is DER encoded as
described in :rfc:`3279`. This can be decoded using
:func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_dss_signature`.
......@@ -78,12 +86,10 @@ Elliptic Curve Signature Algorithms
Convert a collection of numbers into a private key suitable for doing
actual cryptographic operations.
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`.
:returns: A new instance of a :class:`EllipticCurvePrivateKey`
provider.
:returns: A new instance of :class:`EllipticCurvePrivateKey`.
.. class:: EllipticCurvePublicNumbers(x, y, curve)
......@@ -115,12 +121,10 @@ Elliptic Curve Signature Algorithms
Convert a collection of numbers into a public key suitable for doing
actual cryptographic operations.
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`.
:returns: A new instance of a :class:`EllipticCurvePublicKey`
provider.
:returns: A new instance of :class:`EllipticCurvePublicKey`.
.. method:: encode_point()
......@@ -207,7 +211,7 @@ Currently `cryptography` only supports NIST curves, none of which are
considered "safe" by the `SafeCurves`_ project run by Daniel J. Bernstein and
Tanja Lange.
All named curves are providers of :class:`EllipticCurve`.
All named curves are instances of :class:`EllipticCurve`.
.. class:: SECT571K1
......@@ -371,8 +375,8 @@ Key Interfaces
The signature is formatted as DER-encoded bytes, as specified in
:rfc:`3279`.
:param signature_algorithm: An instance of a
:class:`EllipticCurveSignatureAlgorithm` provider.
:param signature_algorithm: An instance of
:class:`EllipticCurveSignatureAlgorithm`.
:returns:
:class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext`
......@@ -401,6 +405,20 @@ Key Interfaces
The EllipticCurvePublicKey object for this private key.
.. method:: sign(data, signature_algorithm)
.. versionadded:: 1.5
Sign one block of data which can be verified later by others using the
public key.
:param bytes data: The message string to sign.
:param signature_algorithm: An instance of
:class:`EllipticCurveSignatureAlgorithm`, such as :class:`ECDSA`.
:return bytes: Signature.
.. class:: EllipticCurvePrivateKeyWithSerialization
......@@ -455,8 +473,8 @@ Key Interfaces
:param bytes signature: The signature to verify. DER encoded as
specified in :rfc:`3279`.
:param signature_algorithm: An instance of a
:class:`EllipticCurveSignatureAlgorithm` provider.
:param signature_algorithm: An instance of
:class:`EllipticCurveSignatureAlgorithm`.
:returns:
:class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext`
......@@ -490,6 +508,23 @@ Key Interfaces
:return bytes: Serialized key.
.. method:: verify(signature, data, signature_algorithm)
.. versionadded:: 1.5
Verify one block of data was signed by the private key associated
with this public key.
:param bytes signature: The signature to verify.
:param bytes data: The message string that was signed.
:param signature_algorithm: An instance of
:class:`EllipticCurveSignatureAlgorithm`.
:raises cryptography.exceptions.InvalidSignature: If the signature does
not validate.
.. class:: EllipticCurvePublicKeyWithSerialization
......
......@@ -44,7 +44,7 @@ mathematical properties`_.
`at least 2048`_ (See page 41). It must not be less than 512.
Some backends may have additional limitations.
:param backend: A backend which provides
:param backend: A backend which implements
:class:`~cryptography.hazmat.backends.interfaces.RSABackend`.
:return: An instance of
......@@ -311,9 +311,8 @@ Padding
:param mgf: A mask generation function object. At this time the only
supported MGF is :class:`MGF1`.
:param algorithm: An instance of a
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
provider.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:param bytes label: A label to apply. This is a rarely used field and
should typically be set to ``None`` or ``b""``, which are equivalent.
......@@ -330,6 +329,20 @@ Padding
:class:`OAEP` should be preferred for encryption and :class:`PSS` should be
preferred for signatures.
.. function:: calculate_max_pss_salt_length(key, hash_algorithm)
.. versionadded:: 1.5
:param key: An RSA public or private key.
:param hash_algorithm: A
:class:`cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:returns int: The computed salt length.
Computes the length of the salt that :class:`PSS` will use if
:data:`PSS.MAX_LENGTH` is used.
Mask generation functions
-------------------------
......@@ -341,11 +354,10 @@ Mask generation functions
Removed the deprecated ``salt_length`` parameter.
MGF1 (Mask Generation Function 1) is used as the mask generation function
in :class:`PSS` padding. It takes a hash algorithm and a salt length.
in :class:`PSS` and :class:`OAEP` padding. It takes a hash algorithm.
:param algorithm: An instance of a
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
provider.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
Numbers
~~~~~~~
......@@ -376,13 +388,11 @@ is unavailable.
.. method:: public_key(backend)
:param backend: A
:class:`~cryptography.hazmat.backends.interfaces.RSABackend`
provider.
:param backend: An instance of
:class:`~cryptography.hazmat.backends.interfaces.RSABackend`.
:returns: A new instance of a
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`
provider.
:returns: A new instance of
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`.
.. class:: RSAPrivateNumbers(p, q, d, dmp1, dmq1, iqmp, public_numbers)
......@@ -445,13 +455,11 @@ is unavailable.
.. method:: private_key(backend)
:param backend: A new instance of a
:class:`~cryptography.hazmat.backends.interfaces.RSABackend`
provider.
:param backend: A new instance of
:class:`~cryptography.hazmat.backends.interfaces.RSABackend`.
:returns: A
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
provider.
:returns: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`.
Handling partial RSA private keys
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
......@@ -476,15 +484,15 @@ this without having to do the math themselves.
.. versionadded:: 0.4
Computes the ``dmp1`` parameter from the RSA private exponent and prime
``p``.
Computes the ``dmp1`` parameter from the RSA private exponent (``d``) and
prime ``p``.
.. function:: rsa_crt_dmq1(private_exponent, q)
.. versionadded:: 0.4
Computes the ``dmq1`` parameter from the RSA private exponent and prime
``q``.
Computes the ``dmq1`` parameter from the RSA private exponent (``d``) and
prime ``q``.
.. function:: rsa_recover_prime_factors(n, e, d)
......@@ -496,7 +504,9 @@ this without having to do the math themselves.
.. note::
When recovering prime factors this algorithm will always return ``p``
and ``q`` such that ``p < q``.
and ``q`` such that ``p > q``. Note: before 1.5, this function always
returned ``p`` and ``q`` such that ``p < q``. It was changed because
libraries commonly require ``p > q``.
:return: A tuple ``(p, q)``
......@@ -517,13 +527,11 @@ Key interfaces
Get signer to sign data which can be verified later by others using
the public key.
:param padding: An instance of a
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`
provider.
:param padding: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`.
:param algorithm: An instance of a
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
provider.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:returns:
:class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext`
......@@ -536,9 +544,8 @@ Key interfaces
:param bytes ciphertext: The ciphertext to decrypt.
:param padding: An instance of an
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`
provider.
:param padding: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`.
:return bytes: Decrypted data.
......@@ -563,15 +570,13 @@ Key interfaces
:param bytes data: The message string to sign.
:param padding: An instance of an
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`
provider.
:param padding: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`.
:param algorithm: An instance of a
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
provider.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:return: bytes: Signature.
:return bytes: Signature.
.. class:: RSAPrivateKeyWithSerialization
......@@ -633,13 +638,11 @@ Key interfaces
:param bytes signature: The signature to verify.
:param padding: An instance of a
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`
provider.
:param padding: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`.
:param algorithm: An instance of a
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
provider.
:param algorithm: An instance of
:class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
:returns:
:class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext`
......@@ -652,9 +655,8 @@ Key interfaces
:param bytes plaintext: The plaintext to encrypt.
:param padding: An instance of a
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`
provider.
:param padding: An instance of
:class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`.
:return bytes: Encrypted data.
......@@ -697,20 +699,18 @@ Key interfaces
.. versionadded:: 1.4
Verify one block of data which can be verified later by others using the
public key.