Reputation: 124
Using RSA in Python 3, need to sign a message (without hashing the message)
Python 3 lib I am using:RSA stuvel
In this library the sign function first generates a hash and then signs it. Any way I can get it to sign a message without hashing it first?
Alternatively any other library available which can do the same?
Upvotes: 3
Views: 653
Answers (1)
Reputation: 93948
There is a function here: Package Crypto :: Package PublicKey :: Module RSA :: Class _RSAobj sign.
But note that usually the signature generation is over a hash, extended by an DER encoded structure indicating the hash, which is in turn padded and turned into a number to form the input to the actual modular exponentiation operation. This method just performs the last step; you'd have to do the other ones yourself, and note that they are required from a security perspective.
This is all specified in the PKCS#1 specifications. Note that this is tricky stuff, you may want to copy it from an open source implementation. Or you could just provide it a hash, which is a very good idea - to hash the message first.
There is also the retracted ISO/IEC 9796 which describes signatures with message recovery, which is what you may be after. I don't see an implementation in Python directly. Be sure what you are doing before using a library even if you find it though.
Good luck!
Upvotes: 1
Related Questions
- How to generate a digital signature of a string in Python?
- How to sign and verify signature with ecdsa in python
- RSA signing with Python verifying with C#
- Python 3 sign a message with key sha512
- RSA sign in python and verify in JS
- RSA signature creation and transfer
- Need help verifying a signature with the Python Cryptography library
- How to show the actual value of a signature using the RSA library in Python?
- How do you verify an RSA SHA1 signature in Python?
- Python RSA Private Key signing error