Python Cryptography: Cannot sign with RSA private key using PKCS1v15 padding

Question

I'm trying to implement a functionally equivalent signing with Python and the Cryptography library to PHP's openssl_pkey_get_private and openssl_sign using a SHA1 hash. I've read that PHP uses PKCS1v15 padding, so that's what I'm trying to use as well. My code is:

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.backends import default_backend

pk = open('key.pem', 'rb')
key = load_pem_private_key(pk.read(), password=None, backend=default_backend())
message = b'hello world'
signature = key.sign(
    message,
    padding.PKCS1v15,
    hashes.SHA1()
)

Executing this results in:

---------------------------------------------------------------------------
TypeError                                 Traceback (most recent call last)
<ipython-input-21-ef3db8a6f4a8> in <module>()
      3     message,
      4     padding.PKCS1v15,
----> 5     hashes.SHA1()
      6 )

/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in sign(self, data, padding, algorithm)
    613 
    614     def sign(self, data, padding, algorithm):
--> 615         signer = self.signer(padding, algorithm)
    616         signer.update(data)
    617         signature = signer.finalize()

/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in signer(self, padding, algorithm)
    550 
    551     def signer(self, padding, algorithm):
--> 552         return _RSASignatureContext(self._backend, self, padding, algorithm)
    553 
    554     def decrypt(self, ciphertext, padding):

/home/vagrant/virtualenvs/test/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/rsa.py in __init__(self, backend, private_key, padding, algorithm)
    170 
    171         if not isinstance(padding, AsymmetricPadding):
--> 172             raise TypeError("Expected provider of AsymmetricPadding.")
    173 
    174         self._pkey_size = self._backend._lib.EVP_PKEY_size(

TypeError: Expected provider of AsymmetricPadding.

Answer 1

The operator isinstance indicates that padding.PKCS1v15 needs to be an instance instead of the type (class) itself. That means that the object instance should be created by calling the constructor.

To do this add parentheses, ie padding.PKCS1v15() .

Python Cryptography: Cannot sign with RSA private key using PKCS1v15 padding

Question

1 answers

solution1
3 ACCPTED 2016-09-03 09:22:02

Python Cryptography: Cannot sign with RSA private key using PKCS1v15 padding

Question

1 answers

solution1 3 ACCPTED 2016-09-03 09:22:02

solution1
3 ACCPTED 2016-09-03 09:22:02