PKCS#1 v1.5 (RSA)¶
An old but still solid digital signature scheme based on RSA.
It is more formally called RSASSAPKCS1v1_5
in Section 8.2 of RFC8017.
The following example shows how a private RSA key (loaded from a file) can be used to compute the signature of a message:
>>> from Crypto.Signature import pkcs1_15
>>> from Crypto.Hash import SHA256
>>> from Crypto.PublicKey import RSA
>>>
>>> message = 'To be signed'
>>> key = RSA.import_key(open('private_key.der').read())
>>> h = SHA256.new(message)
>>> signature = pkcs1_15.new(key).sign(h)
At the other end, the receiver can verify the signature (and therefore the authenticity of the message) using the matching public RSA key:
>>> key = RSA.import_key(open('public_key.der').read())
>>> h = SHA256.new(message)
>>> try:
>>> pkcs1_15.new(key).verify(h, signature)
>>> print "The signature is valid."
>>> except (ValueError, TypeError):
>>> print "The signature is not valid."

class
Crypto.Signature.pkcs1_15.
PKCS115_SigScheme
(rsa_key)¶ A signature object for
RSASSAPKCS1v1_5
. Do not instantiate directly. UseCrypto.Signature.pkcs1_15.new()
.
can_sign
()¶ Return
True
if this object can be used to sign messages.

sign
(msg_hash)¶ Create the PKCS#1 v1.5 signature of a message.
This function is also called
RSASSAPKCS1V1_5SIGN
and it is specified in section 8.2.1 of RFC8017.Parameters: msg_hash (hash object) – This is an object from the
Crypto.Hash
package. It has been used to digest the message to sign.Returns: the signature encoded as a byte string.
Raises:  ValueError – if the RSA key is not long enough for the given hash algorithm.
 TypeError – if the RSA key has no private half.

verify
(msg_hash, signature)¶ Check if the PKCS#1 v1.5 signature over a message is valid.
This function is also called
RSASSAPKCS1V1_5VERIFY
and it is specified in section 8.2.2 of RFC8037.Parameters:  msg_hash – The hash that was carried out over the message. This is an object
belonging to the
Crypto.Hash
module.  signature (byte string) – The signature that needs to be validated.
Raises: ValueError – if the signature is not valid.
 msg_hash – The hash that was carried out over the message. This is an object
belonging to the


Crypto.Signature.pkcs1_15.
new
(rsa_key)¶ Create a signature object for creating or verifying PKCS#1 v1.5 signatures.
Parameters: rsa_key (RSA object) – The RSA key to use for signing or verifying the message. This is a Crypto.PublicKey.RSA
object. Signing is only possible whenrsa_key
is a private RSA key.Returns: a PKCS115_SigScheme
signature object