PKCS#1 v1.5 (RSA)

An old but still solid digital signature scheme based on RSA.

It is more formally called RSASSA-PKCS1-v1_5 in Section 8.2 of RFC8017.

The following example shows how a private RSA key (loaded from a file) can be used to compute the signature of a message:

>>> from Crypto.Signature import pkcs1_15
>>> from Crypto.Hash import SHA256
>>> from Crypto.PublicKey import RSA
>>> message = b'To be signed'
>>> key = RSA.import_key(open('private_key.der').read())
>>> h =
>>> signature =

At the other end, the receiver can verify the signature (and therefore the authenticity of the message) using the matching public RSA key:

>>> key = RSA.import_key(open('public_key.der').read())
>>> h =
>>> try:
>>>, signature)
>>>     print "The signature is valid."
>>> except (ValueError, TypeError):
>>>    print "The signature is not valid."
class Crypto.Signature.pkcs1_15.PKCS115_SigScheme(rsa_key)

A signature object for RSASSA-PKCS1-v1_5. Do not instantiate directly. Use


Return True if this object can be used to sign messages.


Create the PKCS#1 v1.5 signature of a message.

This function is also called RSASSA-PKCS1-V1_5-SIGN and it is specified in section 8.2.1 of RFC8017.


msg_hash (hash object) – This is an object from the Crypto.Hash package. It has been used to digest the message to sign.


the signature encoded as a byte string.

  • ValueError – if the RSA key is not long enough for the given hash algorithm.
  • TypeError – if the RSA key has no private half.
verify(msg_hash, signature)

Check if the PKCS#1 v1.5 signature over a message is valid.

This function is also called RSASSA-PKCS1-V1_5-VERIFY and it is specified in section 8.2.2 of RFC8037.

  • msg_hash – The hash that was carried out over the message. This is an object belonging to the Crypto.Hash module.
  • signature (byte string) – The signature that needs to be validated.

ValueError – if the signature is not valid.

Create a signature object for creating or verifying PKCS#1 v1.5 signatures.

Parameters:rsa_key (RSA object) – The RSA key to use for signing or verifying the message. This is a Crypto.PublicKey.RSA object. Signing is only possible when rsa_key is a private RSA key.
Returns:a PKCS115_SigScheme signature object