# PKCS#1 v1.5 (RSA)¶

An old but still solid digital signature scheme based on RSA.

It is more formally called RSASSA-PKCS1-v1_5 in Section 8.2 of RFC8017.

The following example shows how a private RSA key (loaded from a file) can be used to compute the signature of a message:

>>> from Crypto.Signature import pkcs1_15
>>> from Crypto.Hash import SHA256
>>> from Crypto.PublicKey import RSA
>>>
>>> message = 'To be signed'
>>> h = SHA256.new(message)
>>> signature = pkcs1_15.new(key).sign(h)


At the other end, the receiver can verify the signature (and therefore the authenticity of the message) using the matching public RSA key:

>>> key = RSA.import_key(open('public_key.der').read())
>>> h = SHA256.new(message)
>>> try:
>>>     pkcs1_15.new(key).verify(h, signature)
>>>     print "The signature is valid."
>>> except (ValueError, TypeError):
>>>    print "The signature is not valid."

class Crypto.Signature.pkcs1_15.PKCS115_SigScheme(rsa_key)

A signature object for RSASSA-PKCS1-v1_5. Do not instantiate directly. Use Crypto.Signature.pkcs1_15.new().

can_sign()

Return True if this object can be used to sign messages.

sign(msg_hash)

Create the PKCS#1 v1.5 signature of a message.

This function is also called RSASSA-PKCS1-V1_5-SIGN and it is specified in section 8.2.1 of RFC8017.

Parameters: msg_hash (hash object) – This is an object from the Crypto.Hash package. It has been used to digest the message to sign. the signature encoded as a byte string. ValueError – if the RSA key is not long enough for the given hash algorithm. TypeError – if the RSA key has no private half.
verify(msg_hash, signature)

Check if the PKCS#1 v1.5 signature over a message is valid.

This function is also called RSASSA-PKCS1-V1_5-VERIFY and it is specified in section 8.2.2 of RFC8037.

Parameters: msg_hash – The hash that was carried out over the message. This is an object belonging to the Crypto.Hash module. signature (byte string) – The signature that needs to be validated. ValueError – if the signature is not valid.
Crypto.Signature.pkcs1_15.new(rsa_key)

Create a signature object for creating or verifying PKCS#1 v1.5 signatures.

Parameters: rsa_key (RSA object) – The RSA key to use for signing or verifying the message. This is a Crypto.PublicKey.RSA object. Signing is only possible when rsa_key is a private RSA key. a PKCS115_SigScheme signature object