"""Private keys for the security serializer."""fromcryptography.hazmat.backendsimportdefault_backendfromcryptography.hazmat.primitivesimportserializationfromcryptography.hazmat.primitives.asymmetricimportpadding,rsafromkombu.utils.encodingimportensure_bytesfrom.utilsimportreraise_errors__all__=('PrivateKey',)
[文档]classPrivateKey:"""Represents a private key."""def__init__(self,key,password=None):withreraise_errors('Invalid private key: {0!r}',errors=(ValueError,)):self._key=serialization.load_pem_private_key(ensure_bytes(key),password=ensure_bytes(password),backend=default_backend())ifnotisinstance(self._key,rsa.RSAPrivateKey):raiseValueError("Non-RSA keys are not supported.")
[文档]defsign(self,data,digest):"""Sign string containing data."""withreraise_errors('Unable to sign data: {0!r}'):pad=padding.PSS(mgf=padding.MGF1(digest),salt_length=padding.PSS.MAX_LENGTH)returnself._key.sign(ensure_bytes(data),pad,digest)