def finalize(self):
if self._ctx is None:
raise AlreadyFinalized("Context was already finalized.")
digest = self._ctx.finalize()
self._ctx = None
q = self._dsa_key.parameters.parameter_numbers().q
# We need this for compatibility with libotr which doesn't truncate its digest to the leftmost q.bit_length() bits
# when the digest is longer than that as per the DSA specification (see FIPS 186-4, 4.2 & 4.6). Passing digest mod q
# is the same as passing it unmodified, but this way we avoid the cryptography library truncating the digest as per
# the specification, which would result in the signature verification failing.
if self.algorithm.digest_size * 8 > q.bit_length():
digest = long_to_bytes(bytes_to_long(digest) % q, (q.bit_length() + 7) // 8)
return digest
评论列表
文章目录
