ECC

class pyflocker.ciphers.backends.cryptodome_.ECC.ECCPrivateKey(curve: str | None, _key: EccKey | None = None)[source]

Bases: BaseECCPrivateKey

property key_size: int

Size of ECC key, in bits.

property curve: str

Name of the curve that this key is on.

public_key() ECCPublicKey[source]

Creates a public key from the private key.

Returns:

The public key.

serialize(encoding: str = 'PEM', format: str = 'PKCS8', passphrase: bytes | None = None, *, protection: str | None = None) bytes[source]

Serialize the private key.

Parameters:

  • encoding – PEM or DER (defaults to PEM).

  • format – PKCS8 or PKCS1 (TraditionalOpenSSL). TraditionalOpenSSL is an alias for PKCS1.

  • passphrase – A bytes-like object to protect the private key. If passphrase is None, the private key will be exported in the clear!

Keyword Arguments:

protection – The protection scheme to use. If passphrase is provided and protection is None, scryptAndAES256-CBC is used.

Returns:

The private key as a bytes object.

Return type:

bytes

Raises:

  • ValueError – If the encoding is incorrect or, if DER is used with PKCS1 or, protection value is supplied with PKCS1 format or, passphrase is empty when protection value is supplied.

  • KeyError – if the format is invalid or not supported.

  • TypeError – if the passphrase is not a bytes-like object when protection is supplied.

signer(algorithm: None | BaseEllepticCurveSignatureAlgorithm = None) SignerContext | EdDSASignerContext[source]

Creates a signer context.

Parameters:

algorithm – The signing algorithm to use. Default is ECDSA for NIST curves and EdDSA for Edwards curves.

Returns:

signer object for signing.

exchange(peer_public_key: bytes | ECCPublicKey | BaseECCPublicKey, algorithm: None | BaseEllepticCurveExchangeAlgorithm = None) bytes[source]

Perform a key exchange.

Parameters:

  • peer_public_key – The peer public key can be a bytes or an ECC public key object.

  • algorithm – The algorithm to use for performing key exchange. Default is ECDH.

Returns:

A shared key.

Raises:

TypeError – if peer_public_key is not a bytes-like or ECC Public Key object.

classmethod load(data: bytes, passphrase: bytes | None = None, *, curve: str | None = None) ECCPrivateKey[source]

Loads the private key as bytes object and returns the Key interface.

Parameters:

  • data – The key as bytes object.

  • passphrase – The passphrase that deserializes the private key. It must be a bytes-like object if the key was encrypted while serialization, otherwise None.

Keyword Arguments:

curve – The name of the curve as string. It is required only for Raw keys.

Returns:

RSA private key.

Raises:

ValueError – if the key could not be deserialized.

class pyflocker.ciphers.backends.cryptodome_.ECC.ECCPublicKey(key: EccKey)[source]

Bases: BaseECCPublicKey

Represents ECC public key.

property key_size: int

Size of ECC key, in bits.

property curve: str

Name of the curve that this key is on.

serialize(encoding: str = 'PEM', format: str = 'SubjectPublicKeyInfo') bytes[source]

Serialize the public key.

Parameters:

  • encoding – PEM, DER, OpenSSH, SEC1 (X962) or Raw. Raw is valid only for Edwards curves. X962 is an alias for SEC1.

  • format

    The supported formats are:

    • SubjectPublicKeyInfo

    • OpenSSH

    • Raw

    • CompressedPoint

    • UncompressedPoint

    Note

    format argument is not actually used by Cryptodome. It is here to maintain compatibility with pyca/cryptography backend counterpart.

Returns:

The serialized public key as bytes object.

Raises:

ValueError – if the encoding or format is invalid.

verifier(algorithm: None | BaseEllepticCurveSignatureAlgorithm = None) VerifierContext | EdDSAVerifierContext[source]

Creates a verifier context.

Parameters:

algorithm – The signing algorithm to use. Default is ECDSA for NIST curves and EdDSA for Edwards curves.

Returns:

verifier object for verification.

classmethod load(data: bytes, *, curve: str | None = None) ECCPublicKey[source]

Loads the public key as binary object and returns the Key object.

Parameters:

  • data – The key as bytes object.

  • curve – The name of the curve. Only for SEC1 and Raw keys.

Returns:

An ECC public key.

Return type:

ECCPublicKey

Raises:

ValueError – if the key could not be deserialized.

class pyflocker.ciphers.backends.cryptodome_.ECC.SignerContext(ctx: Any)[source]

Bases: BaseSignerContext

sign(msghash: BaseHash) bytes[source]

Return the signature of the message hash.

Parameters:

msghash – It must be a BaseHash object, used to digest the message to sign.

Returns:

signature of the message as bytes object.

class pyflocker.ciphers.backends.cryptodome_.ECC.EdDSASignerContext(ctx: EdDSASigScheme)[source]

Bases: BaseEdDSASignerContext

sign(msghash: bytes) bytes[source]

Return the signature of the message.

Parameters:

msghash – A bytes object.

Returns:

signature of the message as bytes object.

class pyflocker.ciphers.backends.cryptodome_.ECC.VerifierContext(ctx: Any)[source]

Bases: BaseVerifierContext

verify(msghash: BaseHash, signature: bytes) None[source]

Verifies the signature of the message hash.

Parameters:

  • msghash – It must be a BaseHash object, used to digest the message to sign.

  • signature – The signature of the message.

Raises:

SignatureError – if the signature was incorrect.

class pyflocker.ciphers.backends.cryptodome_.ECC.EdDSAVerifierContext(ctx: EdDSASigScheme)[source]

Bases: BaseEdDSAVerifierContext

verify(msghash: bytes, signature: bytes) None[source]

Verifies the signature of the message.

Parameters:

  • msghash – A bytes object.

  • signature – The signature of the message.

Raises:

SignatureError – if the signature was incorrect.

pyflocker.ciphers.backends.cryptodome_.ECC.generate(curve: str) ECCPrivateKey[source]

Generate a private key with given curve curve.

Parameters:

curve – The name of the curve to use.

Returns:

An ECC private key.

Raises:

ValueError – if the curve the name of the curve is invalid.

pyflocker.ciphers.backends.cryptodome_.ECC.load_public_key(data: bytes, *, curve: str | None = None) ECCPublicKey[source]

Loads the public key.

Parameters:

data – The public key (a bytes-like object) to deserialize.

Returns:

An ECC public key.

pyflocker.ciphers.backends.cryptodome_.ECC.load_private_key(data: bytes, passphrase: bytes | None = None, *, curve: str | None = None) ECCPrivateKey[source]

Loads the private key and returns a Key interface.

Parameters:

  • data – The private key (a bytes-like object) to deserialize.

  • passphrase – The passphrase (in bytes) that was used to encrypt the private key. None if the key was not encrypted.

Returns:

An ECC private key.

Return type:

ECCPrivateKey