.. hazmat::

Asymmetric algorithms
=====================

Asymmetric cryptography is a branch of cryptography where a secret key can be
divided into two parts, a :term:`public key` and a :term:`private key`. The
public key can be given to anyone, trusted or not, while the private key must
be kept secret (just like the key in symmetric cryptography).

Asymmetric cryptography has two primary use cases: authentication and
confidentiality. Using asymmetric cryptography, messages can be signed with a
private key, and then anyone with the public key is able to verify that the
message was created by someone possessing the corresponding private key. This
can be combined with a `proof of identity`_ system to know what entity (person
or group) actually owns that private key, providing authentication.

Encryption with asymmetric cryptography works in a slightly different way from
symmetric encryption. Someone with the public key is able to encrypt a message,
providing confidentiality, and then only the person in possession of the
private key is able to decrypt it.
.. toctree::
    :maxdepth: 1

    ed25519
    x25519
    ed448
    x448
    ec
    rsa
    dh
    dsa
    serialization
    utils

.. _`proof of identity`: https://en.wikipedia.org/wiki/Public-key_infrastructure

Common types
~~~~~~~~~~~~

Asymmetric key types do not inherit from a common base class. The following
union type aliases can be used instead to reference a multitude of key types.

.. currentmodule:: cryptography.hazmat.primitives.asymmetric.types

.. data:: PublicKeyTypes

    .. versionadded:: 40.0.0

    Type alias: A union of all public key types supported:
    :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.x448.X448PublicKey`.

.. data:: PrivateKeyTypes

    .. versionadded:: 40.0.0

    Type alias: A union of all private key types supported:
    :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey`.

.. data:: CertificatePublicKeyTypes

    .. versionadded:: 40.0.0

    Type alias: A union of all public key types supported for X.509
    certificates:
    :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.x448.X448PublicKey`.

.. data:: CertificateIssuerPublicKeyTypes

    .. versionadded:: 40.0.0

    Type alias: A union of all public key types that can sign other X.509
    certificates as an issuer. X448/X25519 keys can appear as a certificate's
    public key, but they are key-agreement keys and cannot be used for
    signing, so they are excluded in this context.

    Allowed:
    :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PublicKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PublicKey`.

.. data:: CertificateIssuerPrivateKeyTypes

    .. versionadded:: 40.0.0

    Type alias: A union of all private key types that can sign other X.509
    certificates as an issuer. X448/X25519 keys can appear as a certificate's
    public key, but they are key-agreement keys and cannot be used for
    signing, so they are excluded in this context.

    Allowed:
    :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey`,
    :class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey`.