rsa — RSA module
| Use Case | Command | Description |
|---|---|---|
| Generate key pair | pub_key, priv_key = rsa.newkeys(2048) | Create public/private keys with 2048-bit modulus |
| Encrypt a message | crypto = rsa.encrypt(message, pub_key) | Encrypt bytes using PKCS#1 v1.5 |
| Decrypt a message | cleartext = rsa.decrypt(crypto, priv_key) | Decrypt using the private key |
| Sign a message | signature = rsa.sign(message, priv_key, 'SHA-256') | Create a detached signature |
| Verify a signature | hash_name = rsa.verify(message, signature, pub_key) | Verify and return hash method used |
| Load PEM key | key = rsa.PublicKey.load_pkcs1(pem_bytes) | Load PKCS#1 PEM/DER key |
| Save key to PEM | pem = pub_key.save_pkcs1() | Export key as PEM bytes |
Module for calculating large primes, and RSA encryption, decryption, signing and verification. Includes generating public and private keys.
⚠️ WARNING: this implementation does not use compression of the cleartext input to prevent repetitions, or other common security improvements. Use with care.
_compatasn1clicommoncorekeyparallelpempkcs1pkcs1_v2primerandnumtransformutilPrivateKeyPrivateKey(n: int, e: int, d: int, p: int, q: int) -> None
Represents a private RSA key (the decryption key). Contains the n, e, d, p, q and other values. Supports attribute access and dictionary-like access.
>>> PrivateKey(3247, 65537, 833, 191, 17)
PrivateKey(3247, 65537, 833, 191, 17)
Calculated attributes:
>>> pk = PrivateKey(3727264081, 65537, 3349121513, 65063, 57287)
>>> pk.exp1
55063
>>> pk.exp2
10095
>>> pk.coef
50797
blinded_decrypt(self, encrypted: int) -> int — Decrypts the message using blinding to prevent side-channel attacks.blinded_encrypt(self, message: int) -> int — Encrypts the message using blinding to prevent side-channel attacks.n, e, d, p, q — key componentsexp1, exp2, coef — precomputed helper valuesInherits from AbstractKey: blind(), unblind(), save_pkcs1(), load_pkcs1() (class method), and attributes blindfac, blindfac_inverse, mutex.
PublicKeyPublicKey(n: int, e: int) -> None
Represents a public RSA key (the encryption key). Contains the n and e values. Supports attribute access and dictionary-like access.
>>> PublicKey(5, 3)
PublicKey(5, 3)
>>> key = PublicKey(5, 3)
>>> key.n
5
>>> key['n']
5
>>> key.e
3
>>> key['e']
3
n — moduluse — public exponentload_pkcs1_openssl_der(keyfile: bytes) -> 'PublicKey' — Loads a PKCS#1 DER-encoded public key from OpenSSL.load_pkcs1_openssl_pem(keyfile: bytes) -> 'PublicKey' — Loads a PKCS#1.5 PEM-encoded public key from OpenSSL (with BEGIN PUBLIC KEY header).Inherits from AbstractKey: blind(), unblind(), save_pkcs1(), load_pkcs1() (class method), and attributes blindfac, blindfac_inverse, mutex.
DecryptionError (extends CryptoError)Raised when decryption fails.
VerificationError (extends CryptoError)Raised when verification fails.
compute_hash(message: Union[bytes, BinaryIO], method_name: str) -> bytes — Returns the message digest. method_name must be a key of HASH_METHODS.decrypt(crypto: bytes, priv_key: rsa.key.PrivateKey) -> bytes — Decrypts using PKCS#1 v1.5. Raises DecryptionError on failure.
>>> import rsa
>>> (pub_key, priv_key) = rsa.newkeys(256)
>>> crypto = encrypt(b'hello', pub_key)
>>> decrypt(crypto, priv_key)
b'hello'
>>> crypto = encrypt(b'\x00\x00\x00\x00\x01', pub_key)
>>> decrypt(crypto, priv_key)
b'\x00\x00\x00\x00\x01'
⚠️ Warning: Never display the stack trace of a DecryptionError exception — it leaks key information.
>>> crypto = encrypt(b'hello', pub_key)
>>> crypto = crypto[0:5] + b'X' + crypto[6:] # change a byte
>>> decrypt(crypto, priv_key)
Traceback (most recent call last):
...
rsa.pkcs1.DecryptionError: Decryption failed
encrypt(message: bytes, pub_key: rsa.key.PublicKey) -> bytes — Encrypts using PKCS#1 v1.5. Message must be <= k-11 bytes, where k is the byte size of n.
>>> from rsa import key, common
>>> (pub_key, priv_key) = key.newkeys(256)
>>> message = b'hello'
>>> crypto = encrypt(message, pub_key)
>>> len(crypto) == common.byte_size(pub_key.n)
True
find_signature_hash(signature: bytes, pub_key: rsa.key.PublicKey) -> str — Returns the hash name detected from the signature.newkeys(nbits: int, accurate: bool = True, poolsize: int = 1, exponent: int = 65537) -> Tuple[rsa.key.PublicKey, rsa.key.PrivateKey] — Generates a new RSA key pair. accurate=True ensures exact bit length; poolsize>1 enables parallel prime generation (Python 2.6+).sign(message: bytes, priv_key: rsa.key.PrivateKey, hash_method: str) -> bytes — Signs a message (detached signature). hash_method can be 'MD5', 'SHA-1', 'SHA-224', 'SHA-256', 'SHA-384', 'SHA-512'.sign_hash(hash_value: bytes, priv_key: rsa.key.PrivateKey, hash_method: str) -> bytes — Signs a precomputed hash (detached signature).verify(message: bytes, signature: bytes, pub_key: rsa.key.PublicKey) -> str — Verifies a signature. Raises VerificationError on mismatch. Returns the hash method used.__all__ = ['newkeys', 'encrypt', 'decrypt', 'sign', 'verify', 'PublicKey', 'PrivateKey', 'DecryptionError', 'VerificationError']
4.8
2021-11-24
Sybren Stuvel, Barry Mead and Yesudeep Mangalapilly
/usr/lib/python3/dist-packages/rsa/__init__.py
Generated by phpman v4.9.27 · Markdown · JSON · MCP Author: Che Dong Under GNU General Public License
2026-07-18 16:22 @216.73.216.114
CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Enhanced by LLM: deepseek-v4-flash / taotoken.net / www.chedong.com - original format