diff options
author | Sybren A. St?vel <sybren@stuvel.eu> | 2011-07-31 20:47:49 +0200 |
---|---|---|
committer | Sybren A. St?vel <sybren@stuvel.eu> | 2011-07-31 20:47:49 +0200 |
commit | 3ad13edad1f0da543f4e7b38aff62f7c91b58052 (patch) | |
tree | 864f5a2722340061553407cdbcb33972cf44d7bc /rsa/pkcs1.py | |
parent | 5e7aa172647a6571abd28bb174b7a1f62e2f81f5 (diff) | |
download | rsa-3ad13edad1f0da543f4e7b38aff62f7c91b58052.tar.gz |
Made hashing efficient for large files
Diffstat (limited to 'rsa/pkcs1.py')
-rw-r--r-- | rsa/pkcs1.py | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/rsa/pkcs1.py b/rsa/pkcs1.py index 7612b27..b81629e 100644 --- a/rsa/pkcs1.py +++ b/rsa/pkcs1.py @@ -31,7 +31,7 @@ SUCH INFORMATION to your users. import hashlib import os -from rsa import common, transform, core +from rsa import common, transform, core, varblock # ASN.1 codes that describe the hash algorithm used. HASH_ASN1 = { @@ -224,7 +224,9 @@ def sign(message, priv_key, hash): Hashes the message, then signs the hash with the given key. This is known as a "detached signature", because the message itself isn't altered. - :param message: the message to sign + :param message: the message to sign. Can be an 8-bit string or a file-like + object. If ``message`` has a ``read()`` method, it is assumed to be a + file-like object. :param priv_key: the :py:class:`rsa.PrivateKey` to sign with :param hash: the hash method used on the message. Use 'MD5', 'SHA-1', 'SHA-256', 'SHA-384' or 'SHA-512'. @@ -258,7 +260,9 @@ def verify(message, signature, pub_key): The hash method is detected automatically from the signature. - :param message: the signed message + :param message: the signed message. Can be an 8-bit string or a file-like + object. If ``message`` has a ``read()`` method, it is assumed to be a + file-like object. :param signature: the signature block, as created with ``sign(...)``. :param pub_key: the :py:class:`rsa.PublicKey` of the person signing the message. :raise VerificationError: when the signature doesn't match the message. @@ -289,14 +293,30 @@ def verify(message, signature, pub_key): raise VerificationError('Verification failed') def _hash(message, method_name): - '''Returns the message digest.''' + '''Returns the message digest. + + :param message: the signed message. Can be an 8-bit string or a file-like + object. If ``message`` has a ``read()`` method, it is assumed to be a + file-like object. + :param method_name: the hash method, must be a key of + :py:const:`HASH_METHODS`. + + ''' if method_name not in HASH_METHODS: raise ValueError('Invalid hash method: %s' % method_name) method = HASH_METHODS[method_name] hasher = method() - hasher.update(message) + + if hasattr(message, 'read') and hasattr(message.read, '__call__'): + # read as 1K blocks + for block in varblock.yield_fixedblocks(message, 1024): + hasher.update(block) + else: + # hash the message object itself. + hasher.update(message) + return hasher.digest() |