Merge pull request #962 from reaperhulk/rsa-enc

RSA encryption support
author: Alex Gaynor <alex.gaynor@gmail.com> 2014-04-26 22:10:34 -0700
committer: Alex Gaynor <alex.gaynor@gmail.com> 2014-04-26 22:10:34 -0700
commit: db1524b8db4959f25c880f871ea0d2ddb137ec58 (patch)
tree: c9df839f820b8a09ef4394d3ff3b894af46d2dd0 /docs/hazmat
parent: b30402c6b5ad6aa3625fcfbd9e7cb7998670d2f4 (diff)
parent: 857c0e9c18206c35958a4ad573e7c36a743daabd (diff)
download: cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.gz
cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.bz2
cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.zip
3 files changed, 90 insertions, 0 deletions
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index 11ff9305..2f63f3e0 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst
@@ -275,6 +275,18 @@ A specific ``backend`` may provide one or more of these interfaces.
             :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
             provider.
 
+    .. method:: encrypt_rsa(public_key, plaintext, padding)
+
+        :param public_key: An instance of an
+            :class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey`
+            provider.
+
+        :param bytes plaintext: The plaintext to encrypt.
+
+        :param padding: An instance of an
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
+            provider.
+
 
 .. class:: TraditionalOpenSSLSerializationBackend
 
diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst
index 862df635..68ad089d 100644
--- a/docs/hazmat/primitives/asymmetric/rsa.rst
+++ b/docs/hazmat/primitives/asymmetric/rsa.rst
@@ -267,6 +267,67 @@ RSA
         :raises ValueError: This is raised when the chosen hash algorithm is
             too large for the key size.
 
+    .. method:: encrypt(plaintext, padding, backend)
+
+        .. versionadded:: 0.4
+
+        Encrypt data using the public key. The resulting ciphertext can only
+        be decrypted with the private key.
+
+        :param bytes plaintext: The plaintext to encrypt.
+
+        :param padding: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
+            provider.
+
+        :param backend: A
+            :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
+            provider.
+
+        :return bytes: Encrypted data.
+
+        :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if
+            the provided ``backend`` does not implement
+            :class:`~cryptography.hazmat.backends.interfaces.RSABackend` or if
+            the backend does not support the chosen hash or padding algorithm.
+            If the padding is
+            :class:`~cryptography.hazmat.primitives.asymmetric.padding.OAEP`
+            with the
+            :class:`~cryptography.hazmat.primitives.asymmetric.padding.MGF1`
+            mask generation function it may also refer to the ``MGF1`` hash
+            algorithm.
+
+        :raises TypeError: This is raised when the padding is not an
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
+            provider.
+
+        :raises ValueError: This is raised if the data is too large for the
+            key size. If the padding is
+            :class:`~cryptography.hazmat.primitives.asymmetric.padding.OAEP`
+            it may also be raised for invalid label values.
+
+        .. code-block:: python
+
+            from cryptography.hazmat.backends import default_backend
+            from cryptography.hazmat.primitives import hashes
+            from cryptography.hazmat.primitives.asymmetric import padding, rsa
+
+            private_key = rsa.RSAPrivateKey.generate(
+                public_exponent=65537,
+                key_size=2048,
+                backend=default_backend()
+            )
+            public_key = private_key.public_key()
+            ciphertext = public_key.encrypt(
+                plaintext,
+                padding.OAEP(
+                    mgf=padding.MGF1(algorithm=hashes.SHA1()),
+                    algorithm=hashes.SHA1(),
+                    label=None
+                ),
+                default_backend()
+            )
+
 
 Handling partial RSA private keys
 ---------------------------------
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index 3b837a0d..c76582c0 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -263,6 +263,23 @@ Asymmetric interfaces
         :returns:
             :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
 
+    .. method:: encrypt(plaintext, padding, backend)
+
+        .. versionadded:: 0.4
+
+        Encrypt data with the public key.
+
+        :param bytes plaintext: The plaintext to encrypt.
+
+        :param padding: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
+            provider.
+
+        :param backend: A
+            :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
+            provider.
+
+        :return bytes: Encrypted data.
 
     .. attribute:: modulus
author	Alex Gaynor <alex.gaynor@gmail.com>	2014-04-26 22:10:34 -0700
committer	Alex Gaynor <alex.gaynor@gmail.com>	2014-04-26 22:10:34 -0700
commit	db1524b8db4959f25c880f871ea0d2ddb137ec58 (patch)
tree	c9df839f820b8a09ef4394d3ff3b894af46d2dd0 /docs/hazmat
parent	b30402c6b5ad6aa3625fcfbd9e7cb7998670d2f4 (diff)
parent	857c0e9c18206c35958a4ad573e7c36a743daabd (diff)
download	cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.gz cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.tar.bz2 cryptography-db1524b8db4959f25c880f871ea0d2ddb137ec58.zip