本文整理汇总了Python中cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey方法的典型用法代码示例。如果您正苦于以下问题:Python dsa.DSAPublicKey方法的具体用法?Python dsa.DSAPublicKey怎么用?Python dsa.DSAPublicKey使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cryptography.hazmat.primitives.asymmetric.dsa的用法示例。
在下文中一共展示了dsa.DSAPublicKey方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: from_cryptography_key
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def from_cryptography_key(cls, crypto_key):
"""
Construct based on a ``cryptography`` *crypto_key*.
:param crypto_key: A ``cryptography`` key.
:type crypto_key: One of ``cryptography``'s `key interfaces`_.
:rtype: PKey
.. versionadded:: 16.1.0
"""
pkey = cls()
if not isinstance(crypto_key, (rsa.RSAPublicKey, rsa.RSAPrivateKey,
dsa.DSAPublicKey, dsa.DSAPrivateKey)):
raise TypeError("Unsupported key type")
pkey._pkey = crypto_key._evp_pkey
if isinstance(crypto_key, (rsa.RSAPublicKey, dsa.DSAPublicKey)):
pkey._only_public = True
pkey._initialized = True
return pkey 示例2: type
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def type(self):
"""
Return the type of the object we wrap. Currently this can only be
'RSA', 'DSA', or 'EC'.
@rtype: L{str}
@raises RuntimeError: If the object type is unknown.
"""
if isinstance(
self._keyObject, (rsa.RSAPublicKey, rsa.RSAPrivateKey)):
return 'RSA'
elif isinstance(
self._keyObject, (dsa.DSAPublicKey, dsa.DSAPrivateKey)):
return 'DSA'
elif isinstance(
self._keyObject, (ec.EllipticCurvePublicKey, ec.EllipticCurvePrivateKey)):
return 'EC'
else:
raise RuntimeError(
'unknown type of object: %r' % (self._keyObject,)) 示例3: public_key
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def public_key(self, key):
"""
Sets the requestor's public key (as found in the signing request).
"""
if not isinstance(key, (dsa.DSAPublicKey, rsa.RSAPublicKey,
ec.EllipticCurvePublicKey)):
raise TypeError('Expecting one of DSAPublicKey, RSAPublicKey,'
' or EllipticCurvePublicKey.')
if self._public_key is not None:
raise ValueError('The public key may only be set once.')
return CertificateBuilder(
self._issuer_name, self._subject_name, key,
self._serial_number, self._not_valid_before,
self._not_valid_after, self._extensions
) 示例4: isPublic
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def isPublic(self):
"""
Check if this instance is a public key.
@return: C{True} if this is a public key.
"""
return isinstance(
self._keyObject,
(rsa.RSAPublicKey, dsa.DSAPublicKey, ec.EllipticCurvePublicKey)) 示例5: is_signature_valid
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def is_signature_valid(self, public_key):
if not isinstance(public_key, (dsa.DSAPublicKey, rsa.RSAPublicKey,
ec.EllipticCurvePublicKey)):
raise TypeError('Expecting one of DSAPublicKey, RSAPublicKey,'
' or EllipticCurvePublicKey.')
res = self._backend._lib.X509_CRL_verify(
self._x509_crl, public_key._evp_pkey
)
if res != 1:
self._backend._consume_errors()
return False
return True 示例6: _openssh_public_key_bytes
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def _openssh_public_key_bytes(self, key):
if isinstance(key, rsa.RSAPublicKey):
public_numbers = key.public_numbers()
return b"ssh-rsa " + base64.b64encode(
serialization._ssh_write_string(b"ssh-rsa") +
serialization._ssh_write_mpint(public_numbers.e) +
serialization._ssh_write_mpint(public_numbers.n)
)
elif isinstance(key, dsa.DSAPublicKey):
public_numbers = key.public_numbers()
parameter_numbers = public_numbers.parameter_numbers
return b"ssh-dss " + base64.b64encode(
serialization._ssh_write_string(b"ssh-dss") +
serialization._ssh_write_mpint(parameter_numbers.p) +
serialization._ssh_write_mpint(parameter_numbers.q) +
serialization._ssh_write_mpint(parameter_numbers.g) +
serialization._ssh_write_mpint(public_numbers.y)
)
else:
assert isinstance(key, ec.EllipticCurvePublicKey)
public_numbers = key.public_numbers()
try:
curve_name = {
ec.SECP256R1: b"nistp256",
ec.SECP384R1: b"nistp384",
ec.SECP521R1: b"nistp521",
}[type(public_numbers.curve)]
except KeyError:
raise ValueError(
"Only SECP256R1, SECP384R1, and SECP521R1 curves are "
"supported by the SSH public key format"
)
return b"ecdsa-sha2-" + curve_name + b" " + base64.b64encode(
serialization._ssh_write_string(b"ecdsa-sha2-" + curve_name) +
serialization._ssh_write_string(curve_name) +
serialization._ssh_write_string(public_numbers.encode_point())
) 示例7: _cert_type_string
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def _cert_type_string(self, pub_key) -> str:
if isinstance(pub_key, rsa.RSAPublicKey):
return "RSA"
elif isinstance(pub_key, ec.EllipticCurvePublicKey):
return "ECDSA"
elif isinstance(pub_key, ed25519.Ed25519PublicKey):
return "ED25519"
elif isinstance(pub_key, ed448.Ed448PublicKey):
return "ED448"
elif isinstance(pub_key, dsa.DSAPublicKey):
return "DSA"
return "" 示例8: data
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def data(self):
"""
Return the values of the public key as a dictionary.
@rtype: L{dict}
"""
if isinstance(self._keyObject, rsa.RSAPublicKey):
numbers = self._keyObject.public_numbers()
return {
"n": numbers.n,
"e": numbers.e,
}
elif isinstance(self._keyObject, rsa.RSAPrivateKey):
numbers = self._keyObject.private_numbers()
return {
"n": numbers.public_numbers.n,
"e": numbers.public_numbers.e,
"d": numbers.d,
"p": numbers.p,
"q": numbers.q,
# Use a trick: iqmp is q^-1 % p, u is p^-1 % q
"u": rsa.rsa_crt_iqmp(numbers.q, numbers.p),
}
elif isinstance(self._keyObject, dsa.DSAPublicKey):
numbers = self._keyObject.public_numbers()
return {
"y": numbers.y,
"g": numbers.parameter_numbers.g,
"p": numbers.parameter_numbers.p,
"q": numbers.parameter_numbers.q,
}
elif isinstance(self._keyObject, dsa.DSAPrivateKey):
numbers = self._keyObject.private_numbers()
return {
"x": numbers.x,
"y": numbers.public_numbers.y,
"g": numbers.public_numbers.parameter_numbers.g,
"p": numbers.public_numbers.parameter_numbers.p,
"q": numbers.public_numbers.parameter_numbers.q,
}
elif isinstance(self._keyObject, ec.EllipticCurvePublicKey):
numbers = self._keyObject.public_numbers()
return {
"x": numbers.x,
"y": numbers.y,
"curve": self.sshType(),
}
elif isinstance(self._keyObject, ec.EllipticCurvePrivateKey):
numbers = self._keyObject.private_numbers()
return {
"x": numbers.public_numbers.x,
"y": numbers.public_numbers.y,
"privateValue": numbers.private_value,
"curve": self.sshType(),
}
else:
raise RuntimeError("Unexpected key type: %s" % (self._keyObject,)) 示例9: _verify_signature_with_pubkey
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def _verify_signature_with_pubkey(self, signed_info_c14n, raw_signature, key_value, der_encoded_key_value,
signature_alg):
if der_encoded_key_value is not None:
key = load_der_public_key(b64decode(der_encoded_key_value.text), backend=default_backend())
if "ecdsa-" in signature_alg:
if key_value is not None:
ec_key_value = self._find(key_value, "ECKeyValue", namespace="dsig11")
named_curve = self._find(ec_key_value, "NamedCurve", namespace="dsig11")
public_key = self._find(ec_key_value, "PublicKey", namespace="dsig11")
key_data = b64decode(public_key.text)[1:]
x = bytes_to_long(key_data[:len(key_data)//2])
y = bytes_to_long(key_data[len(key_data)//2:])
curve_class = self.known_ecdsa_curves[named_curve.get("URI")]
key = ec.EllipticCurvePublicNumbers(x=x, y=y, curve=curve_class()).public_key(backend=default_backend())
elif not isinstance(key, ec.EllipticCurvePublicKey):
raise InvalidInput("DER encoded key value does not match specified signature algorithm")
dss_signature = self._encode_dss_signature(raw_signature, key.key_size)
key.verify(
dss_signature,
data=signed_info_c14n,
signature_algorithm=ec.ECDSA(
self._get_signature_digest_method(signature_alg)
),
)
elif "dsa-" in signature_alg:
if key_value is not None:
dsa_key_value = self._find(key_value, "DSAKeyValue")
p = self._get_long(dsa_key_value, "P")
q = self._get_long(dsa_key_value, "Q")
g = self._get_long(dsa_key_value, "G", require=False)
y = self._get_long(dsa_key_value, "Y")
pn = dsa.DSAPublicNumbers(y=y, parameter_numbers=dsa.DSAParameterNumbers(p=p, q=q, g=g))
key = pn.public_key(backend=default_backend())
elif not isinstance(key, dsa.DSAPublicKey):
raise InvalidInput("DER encoded key value does not match specified signature algorithm")
# TODO: supply meaningful key_size_bits for signature length assertion
dss_signature = self._encode_dss_signature(raw_signature, len(raw_signature) * 8 / 2)
key.verify(dss_signature,
data=signed_info_c14n,
algorithm=self._get_signature_digest_method(signature_alg))
elif "rsa-" in signature_alg:
if key_value is not None:
rsa_key_value = self._find(key_value, "RSAKeyValue")
modulus = self._get_long(rsa_key_value, "Modulus")
exponent = self._get_long(rsa_key_value, "Exponent")
key = rsa.RSAPublicNumbers(e=exponent, n=modulus).public_key(backend=default_backend())
elif not isinstance(key, rsa.RSAPublicKey):
raise InvalidInput("DER encoded key value does not match specified signature algorithm")
key.verify(raw_signature,
data=signed_info_c14n,
padding=PKCS1v15(),
algorithm=self._get_signature_digest_method(signature_alg))
else:
raise NotImplementedError() 示例10: test_arguments
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def test_arguments(self):
with self.assertSignal(pre_create_ca) as pre, self.assertSignal(post_create_ca) as post:
out, err = self.init_ca(
algorithm=hashes.SHA1(),
key_type='DSA',
key_size=1024,
expires=self.expires(720),
pathlen=3,
issuer_url='http://issuer.ca.example.com',
issuer_alt_name={'value': ['http://ian.ca.example.com']},
crl_url=['http://crl.example.com'],
ocsp_url='http://ocsp.example.com',
ca_issuer_url='http://ca.issuer.ca.example.com',
permit_name=['DNS:.com'],
exclude_name=['DNS:.net'],
)
self.assertTrue(pre.called)
self.assertEqual(out, '')
self.assertEqual(err, '')
ca = CertificateAuthority.objects.first()
self.assertPostCreateCa(post, ca)
self.assertPrivateKey(ca)
self.assertSerial(ca.serial)
ca.full_clean() # assert e.g. max_length in serials
self.assertSignature([ca], ca)
self.assertEqual(ca.name_constraints, NameConstraints({'value': {
'permitted': ['DNS:.com'],
'excluded': ['DNS:.net']
}}))
# test the private key
key = ca.key(None)
self.assertIsInstance(key, dsa.DSAPrivateKey)
self.assertEqual(key.key_size, 1024)
self.assertTrue(isinstance(ca.x509.signature_hash_algorithm, hashes.SHA1))
self.assertTrue(isinstance(ca.x509.public_key(), dsa.DSAPublicKey))
self.assertIsNone(ca.crl_distribution_points)
self.assertEqual(ca.authority_information_access, AuthorityInformationAccess(
{'value': {'issuers': ['URI:http://ca.issuer.ca.example.com']}}))
self.assertEqual(ca.name_constraints, NameConstraints({'value': {
'permitted': ['DNS:.com'],
'excluded': ['DNS:.net']
}}))
self.assertEqual(ca.pathlen, 3)
self.assertEqual(ca.max_pathlen, 3)
self.assertTrue(ca.allows_intermediate_ca)
self.assertEqual(ca.issuer_url, 'http://issuer.ca.example.com')
self.assertEqual(ca.issuer_alt_name, 'URI:http://ian.ca.example.com')
self.assertEqual(ca.crl_url, 'http://crl.example.com')
self.assertEqual(ca.ocsp_url, 'http://ocsp.example.com')
self.assertIssuer(ca, ca)
self.assertAuthorityKeyIdentifier(ca, ca) 示例11: _openssh_public_key_bytes
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def _openssh_public_key_bytes(self, key):
if isinstance(key, rsa.RSAPublicKey):
public_numbers = key.public_numbers()
return b"ssh-rsa " + base64.b64encode(
ssh._ssh_write_string(b"ssh-rsa") +
ssh._ssh_write_mpint(public_numbers.e) +
ssh._ssh_write_mpint(public_numbers.n)
)
elif isinstance(key, dsa.DSAPublicKey):
public_numbers = key.public_numbers()
parameter_numbers = public_numbers.parameter_numbers
return b"ssh-dss " + base64.b64encode(
ssh._ssh_write_string(b"ssh-dss") +
ssh._ssh_write_mpint(parameter_numbers.p) +
ssh._ssh_write_mpint(parameter_numbers.q) +
ssh._ssh_write_mpint(parameter_numbers.g) +
ssh._ssh_write_mpint(public_numbers.y)
)
else:
assert isinstance(key, ec.EllipticCurvePublicKey)
public_numbers = key.public_numbers()
try:
curve_name = {
ec.SECP256R1: b"nistp256",
ec.SECP384R1: b"nistp384",
ec.SECP521R1: b"nistp521",
}[type(public_numbers.curve)]
except KeyError:
raise ValueError(
"Only SECP256R1, SECP384R1, and SECP521R1 curves are "
"supported by the SSH public key format"
)
point = key.public_bytes(
serialization.Encoding.X962,
serialization.PublicFormat.UncompressedPoint
)
return b"ecdsa-sha2-" + curve_name + b" " + base64.b64encode(
ssh._ssh_write_string(b"ecdsa-sha2-" + curve_name) +
ssh._ssh_write_string(curve_name) +
ssh._ssh_write_string(point)
) 示例12: _openssh_public_key_bytes
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import dsa [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey [as 别名]
def _openssh_public_key_bytes(self, key):
if isinstance(key, rsa.RSAPublicKey):
public_numbers = key.public_numbers()
return b"ssh-rsa " + base64.b64encode(
ssh._ssh_write_string(b"ssh-rsa") +
ssh._ssh_write_mpint(public_numbers.e) +
ssh._ssh_write_mpint(public_numbers.n)
)
elif isinstance(key, dsa.DSAPublicKey):
public_numbers = key.public_numbers()
parameter_numbers = public_numbers.parameter_numbers
return b"ssh-dss " + base64.b64encode(
ssh._ssh_write_string(b"ssh-dss") +
ssh._ssh_write_mpint(parameter_numbers.p) +
ssh._ssh_write_mpint(parameter_numbers.q) +
ssh._ssh_write_mpint(parameter_numbers.g) +
ssh._ssh_write_mpint(public_numbers.y)
)
elif isinstance(key, ed25519.Ed25519PublicKey):
raw_bytes = key.public_bytes(serialization.Encoding.Raw,
serialization.PublicFormat.Raw)
return b"ssh-ed25519 " + base64.b64encode(
ssh._ssh_write_string(b"ssh-ed25519") +
ssh._ssh_write_string(raw_bytes)
)
elif isinstance(key, ec.EllipticCurvePublicKey):
public_numbers = key.public_numbers()
try:
curve_name = {
ec.SECP256R1: b"nistp256",
ec.SECP384R1: b"nistp384",
ec.SECP521R1: b"nistp521",
}[type(public_numbers.curve)]
except KeyError:
raise ValueError(
"Only SECP256R1, SECP384R1, and SECP521R1 curves are "
"supported by the SSH public key format"
)
point = key.public_bytes(
serialization.Encoding.X962,
serialization.PublicFormat.UncompressedPoint
)
return b"ecdsa-sha2-" + curve_name + b" " + base64.b64encode(
ssh._ssh_write_string(b"ecdsa-sha2-" + curve_name) +
ssh._ssh_write_string(curve_name) +
ssh._ssh_write_string(point)
)
else:
raise ValueError(
"OpenSSH encoding is not supported for this key type"
)