Crypto.Signature
package¶
The Crypto.Signature
package contains algorithms for performing digital
signatures, used to guarantee integrity and non-repudiation.
Digital signatures are based on public key cryptography: the party that signs a message holds the private key, the one that verifies the signature holds the public key.
Signing a message¶
- You instatiate a new signer object using the
new()
method in the module of the desired algorithm. The first parameter is always the key object (private key) obtained via theCrypto.PublicKey
module. - You instatiate a cryptographic hash (see
Crypto.Hash
) and digest the message with it. - You call
sign()
on the hash object. The output is the signature of the message (a byte string).
Verifying a signature¶
- You instatiate a new verifier object using the
new()
method in the module of the desired algorithm. The first parameter is always the key object (public key) obtained via theCrypto.PublicKey
module. - You instatiate a cryptographic hash (see
Crypto.Hash
) and digest the message with it. - You call
verify()
on the hash object and the incoming signature. If the message is not authentic, anValueError
is raised.