.. hazmat:: DSA === .. module:: cryptography.hazmat.primitives.asymmetric.dsa .. note:: DSA is a **legacy algorithm** and should generally be avoided in favor of choices like :doc:`EdDSA using curve25519` or :doc:`ECDSA`. `DSA`_ is a `public-key`_ algorithm for signing messages. Generation ~~~~~~~~~~ .. function:: generate_private_key(key_size, backend=None) .. versionadded:: 0.5 .. versionchanged:: 3.0 Added support for 4096-bit keys for some legacy applications that continue to use DSA despite the wider cryptographic community's `ongoing protestations`_. Generate a DSA private key from the given key size. This function will generate a new set of parameters and key in one step. :param int key_size: The length of the modulus in :term:`bits`. It should be either 1024, 2048, 3072, or 4096. For keys generated in 2015 this should be `at least 2048`_ (See page 41). :param backend: An optional instance of :class:`~cryptography.hazmat.backends.interfaces.DSABackend`. :return: An instance of :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`. :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the provided ``backend`` does not implement :class:`~cryptography.hazmat.backends.interfaces.DSABackend` .. function:: generate_parameters(key_size, backend=None) .. versionadded:: 0.5 .. versionchanged:: 3.0 Added support for 4096-bit keys for some legacy applications that continue to use DSA despite the wider cryptographic community's `ongoing protestations`_. Generate DSA parameters using the provided ``backend``. :param int key_size: The length of :attr:`~DSAParameterNumbers.q`. It should be either 1024, 2048, 3072, or 4096. For keys generated in 2015 this should be `at least 2048`_ (See page 41). :param backend: An optional instance of :class:`~cryptography.hazmat.backends.interfaces.DSABackend`. :return: An instance of :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`. :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the provided ``backend`` does not implement :class:`~cryptography.hazmat.backends.interfaces.DSABackend` Signing ~~~~~~~ Using a :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey` instance. .. doctest:: >>> from cryptography.hazmat.primitives import hashes >>> from cryptography.hazmat.primitives.asymmetric import dsa >>> private_key = dsa.generate_private_key( ... key_size=1024, ... ) >>> data = b"this is some data I'd like to sign" >>> signature = private_key.sign( ... data, ... hashes.SHA256() ... ) The ``signature`` is a ``bytes`` object, whose contents is DER encoded as described in :rfc:`3279`. This can be decoded using :func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_dss_signature`. If your data is too large to be passed in a single call, you can hash it separately and pass that value using :class:`~cryptography.hazmat.primitives.asymmetric.utils.Prehashed`. .. doctest:: >>> from cryptography.hazmat.primitives.asymmetric import utils >>> chosen_hash = hashes.SHA256() >>> hasher = hashes.Hash(chosen_hash) >>> hasher.update(b"data & ") >>> hasher.update(b"more data") >>> digest = hasher.finalize() >>> sig = private_key.sign( ... digest, ... utils.Prehashed(chosen_hash) ... ) Verification ~~~~~~~~~~~~ Verification is performed using a :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` instance. You can get a public key object with :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`, :func:`~cryptography.hazmat.primitives.serialization.load_der_public_key`, :meth:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicNumbers.public_key` , or :meth:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey.public_key`. .. doctest:: >>> public_key = private_key.public_key() >>> public_key.verify( ... signature, ... data, ... hashes.SHA256() ... ) ``verify()`` takes the signature in the same format as is returned by ``sign()``. ``verify()`` will raise an :class:`~cryptography.exceptions.InvalidSignature` exception if the signature isn't valid. If your data is too large to be passed in a single call, you can hash it separately and pass that value using :class:`~cryptography.hazmat.primitives.asymmetric.utils.Prehashed`. .. doctest:: >>> chosen_hash = hashes.SHA256() >>> hasher = hashes.Hash(chosen_hash) >>> hasher.update(b"data & ") >>> hasher.update(b"more data") >>> digest = hasher.finalize() >>> public_key.verify( ... sig, ... digest, ... utils.Prehashed(chosen_hash) ... ) Numbers ~~~~~~~ .. class:: DSAParameterNumbers(p, q, g) .. versionadded:: 0.5 The collection of integers that make up a set of DSA parameters. .. attribute:: p :type: int The public modulus. .. attribute:: q :type: int The sub-group order. .. attribute:: g :type: int The generator. .. method:: parameters(backend=None) :param backend: An optional instance of :class:`~cryptography.hazmat.backends.interfaces.DSABackend`. :returns: A new instance of :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`. .. class:: DSAPublicNumbers(y, parameter_numbers) .. versionadded:: 0.5 The collection of integers that make up a DSA public key. .. attribute:: y :type: int The public value ``y``. .. attribute:: parameter_numbers :type: :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameterNumbers` The :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameterNumbers` associated with the public key. .. method:: public_key(backend=None) :param backend: An optional instance of :class:`~cryptography.hazmat.backends.interfaces.DSABackend`. :returns: A new instance of :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`. .. class:: DSAPrivateNumbers(x, public_numbers) .. versionadded:: 0.5 The collection of integers that make up a DSA private key. .. warning:: Revealing the value of ``x`` will compromise the security of any cryptographic operations performed. .. attribute:: x :type: int The private value ``x``. .. attribute:: public_numbers :type: :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicNumbers` The :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicNumbers` associated with the private key. .. method:: private_key(backend=None) :param backend: An optional instance of :class:`~cryptography.hazmat.backends.interfaces.DSABackend`. :returns: A new instance of :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`. Key interfaces ~~~~~~~~~~~~~~ .. class:: DSAParameters .. versionadded:: 0.3 `DSA`_ parameters. .. method:: generate_private_key() .. versionadded:: 0.5 Generate a DSA private key. This method can be used to generate many new private keys from a single set of parameters. :return: An instance of :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`. .. class:: DSAParametersWithNumbers .. versionadded:: 0.5 Extends :class:`DSAParameters`. .. method:: parameter_numbers() Create a :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameterNumbers` object. :returns: A :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameterNumbers` instance. .. class:: DSAPrivateKey .. versionadded:: 0.3 A `DSA`_ private key. A DSA private key that is not an :term:`opaque key` also implements :class:`DSAPrivateKeyWithSerialization` to provide serialization methods. .. method:: public_key() :return: :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey` An DSA public key object corresponding to the values of the private key. .. method:: parameters() :return: :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters` The DSAParameters object associated with this private key. .. attribute:: key_size :type: int The bit length of :attr:`~DSAParameterNumbers.q`. .. method:: sign(data, algorithm) .. versionadded:: 1.5 .. versionchanged:: 1.6 :class:`~cryptography.hazmat.primitives.asymmetric.utils.Prehashed` can now be used as an ``algorithm``. Sign one block of data which can be verified later by others using the public key. :param bytes data: The message string to sign. :param algorithm: An instance of :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` or :class:`~cryptography.hazmat.primitives.asymmetric.utils.Prehashed` if the ``data`` you want to sign has already been hashed. :return bytes: Signature. .. class:: DSAPrivateKeyWithSerialization .. versionadded:: 0.8 This interface contains additional methods relating to serialization. Any object with this interface also has all the methods from :class:`DSAPrivateKey`. .. method:: private_numbers() Create a :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateNumbers` object. :returns: A :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateNumbers` instance. .. method:: private_bytes(encoding, format, encryption_algorithm) Allows serialization of the key to bytes. Encoding ( :attr:`~cryptography.hazmat.primitives.serialization.Encoding.PEM` or :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER`), format ( :attr:`~cryptography.hazmat.primitives.serialization.PrivateFormat.TraditionalOpenSSL`, :attr:`~cryptography.hazmat.primitives.serialization.PrivateFormat.OpenSSH` or :attr:`~cryptography.hazmat.primitives.serialization.PrivateFormat.PKCS8`) and encryption algorithm (such as :class:`~cryptography.hazmat.primitives.serialization.BestAvailableEncryption` or :class:`~cryptography.hazmat.primitives.serialization.NoEncryption`) are chosen to define the exact serialization. :param encoding: A value from the :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. :param format: A value from the :class:`~cryptography.hazmat.primitives.serialization.PrivateFormat` enum. :param encryption_algorithm: An instance of an object conforming to the :class:`~cryptography.hazmat.primitives.serialization.KeySerializationEncryption` interface. :return bytes: Serialized key. .. class:: DSAPublicKey .. versionadded:: 0.3 A `DSA`_ public key. .. attribute:: key_size :type: int The bit length of :attr:`~DSAParameterNumbers.q`. .. method:: parameters() :return: :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters` The DSAParameters object associated with this public key. .. method:: public_numbers() Create a :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicNumbers` object. :returns: A :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicNumbers` instance. .. method:: public_bytes(encoding, format) Allows serialization of the key to bytes. Encoding ( :attr:`~cryptography.hazmat.primitives.serialization.Encoding.PEM` or :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER`) and format ( :attr:`~cryptography.hazmat.primitives.serialization.PublicFormat.SubjectPublicKeyInfo`) are chosen to define the exact serialization. :param encoding: A value from the :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. :param format: A value from the :class:`~cryptography.hazmat.primitives.serialization.PublicFormat` enum. :return bytes: Serialized key. .. method:: verify(signature, data, algorithm) .. versionadded:: 1.5 .. versionchanged:: 1.6 :class:`~cryptography.hazmat.primitives.asymmetric.utils.Prehashed` can now be used as an ``algorithm``. Verify one block of data was signed by the private key associated with this public key. :param bytes signature: The signature to verify. :param bytes data: The message string that was signed. :param algorithm: An instance of :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` or :class:`~cryptography.hazmat.primitives.asymmetric.utils.Prehashed` if the ``data`` you want to sign has already been hashed. :raises cryptography.exceptions.InvalidSignature: If the signature does not validate. .. class:: DSAPublicKeyWithSerialization .. versionadded:: 0.8 Alias for :class:`DSAPublicKey`. .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography .. _`FIPS 186-4`: https://csrc.nist.gov/publications/detail/fips/186/4/final .. _`at least 2048`: https://www.cosic.esat.kuleuven.be/ecrypt/ecrypt2/documents/D.SPA.20.pdf .. _`ongoing protestations`: https://buttondown.email/cryptography-dispatches/archive/cryptography-dispatches-dsa-is-past-its-prime/