ECC

class pyflocker.ciphers.backends.cryptography_.ECC.ECCPrivateKey(curve: str | None = None, _key: EllipticCurvePrivateKey | None = None)[source]

Bases: BaseECCPrivateKey

property key_size: int

Size of ECC key, in bits.

property curve: str

Name of the curve that this key is on.

public_key() ECCPublicKey[source]

Creates a public key from the private key.

Returns:

The public key.

exchange(peer_public_key: bytes | ECCPublicKey | BaseECCPublicKey, algorithm: None | BaseEllepticCurveExchangeAlgorithm = None) bytes[source]

Perform a key exchange.

Parameters:

  • peer_public_key – The peer public key can be a bytes or an ECC public key object.

  • algorithm – The algorithm to use for performing key exchange. Default is ECDH.

Returns:

A shared key.

Raises:

TypeError – if peer_public_key is not a bytes-like or ECC Public Key object.

signer(algorithm: None | BaseEllepticCurveSignatureAlgorithm = None) SignerContext | EdDSASignerContext[source]

Creates a signer context.

Parameters:

algorithm – The signing algorithm to use. Default is ECDSA for NIST curves and EdDSA for Edwards curves.

Returns:

signer object for signing.

Warning

If the key is an EdDSA key, then the EdDSA parameters are ignored.

serialize(encoding: str = 'PEM', format: str = 'PKCS8', passphrase: bytes | None = None) bytes[source]

Serialize the private key.

Parameters:

  • encoding

    The encoding to use. Supported encodings are:

    • PEM

    • DER

    • Raw

  • format

    The format to use. Supported formats are:

    • PKCS1

    • TraditionalOpenSSL (alias for PKCS1)

    • PKCS8

    • Raw

    • OpenSSH

  • passphrase – A byte string that will be used to encrypt the PKCS8 encoded private key. If None, the key will not be encrypted.

Returns:

Private key as a byte string.

Raises:

  • ValueError – If the encoding or format is incorrect, or

  • serialization failed.

classmethod load(data: bytes, passphrase: bytes | None = None, *, curve: str | None = None) ECCPrivateKey[source]

Loads the private key as bytes object and returns the Key interface.

Parameters:

  • data – The key as bytes object.

  • passphrase – The passphrase that deserializes the private key. It must be a bytes-like object if the key was encrypted while serialization, otherwise None.

Keyword Arguments:

curve – The name of the curve as string. It is required only for Raw keys.

Returns:

RSA private key.

Raises:

ValueError – if the key could not be deserialized.

class pyflocker.ciphers.backends.cryptography_.ECC.ECCPublicKey(key: EllipticCurvePublicKey)[source]

Bases: BaseECCPublicKey

property key_size: int

Size of ECC key, in bits.

property curve: str

Name of the curve that this key is on.

verifier(algorithm: None | BaseEllepticCurveSignatureAlgorithm = None) VerifierContext | EdDSAVerifierContext[source]

Creates a verifier context.

Parameters:

algorithm – The signing algorithm to use. Default is ECDSA for NIST curves and EdDSA for Edwards curves.

Returns:

verifier object for verification.

serialize(encoding: str = 'PEM', format: str = 'SubjectPublicKeyInfo') bytes[source]

Serialize the public key.

Parameters:

  • encoding

    The encoding to use. Supported encodings are:

    • PEM

    • DER

    • OpenSSH

    • Raw

    • X962

    • SEC1

  • format

    The format to use. Supported formats are:

    • SubjectPublicKeyInfo

    • OpenSSH

    • Raw

    • CompressedPoint

    • UncompressedPoint

Returns:

Public key as a byte string.

Raises:

  • ValueError – If the encoding or format is incorrect, or

  • serialization failed.

classmethod load(data: bytes, *, curve: str | None = None) ECCPublicKey[source]

Loads the public key as bytes object and returns the Key interface.

Parameters:

data – The key as bytes object.

Keyword Arguments:

curve – The name of the curve as a string. Required only for SEC1 and Raw keys.

Returns:

The ECC public key.

Raises:

ValueError – if the key could not be deserialized.

class pyflocker.ciphers.backends.cryptography_.ECC.VerifierContext(key: EllipticCurvePublicKey, signature_algorithm: Any)[source]

Bases: BaseVerifierContext

verify(msghash: BaseHash, signature: bytes) None[source]

Verifies the signature of the message hash.

Parameters:

  • msghash – It must be a BaseHash object, used to digest the message to sign.

  • signature – The signature of the message.

Raises:

SignatureError – if the signature was incorrect.

class pyflocker.ciphers.backends.cryptography_.ECC.SignerContext(key: EllipticCurvePrivateKey, signature_algorithm: Any)[source]

Bases: BaseSignerContext

sign(msghash: BaseHash) bytes[source]

Return the signature of the message hash.

Parameters:

msghash – It must be a BaseHash object, used to digest the message to sign.

Returns:

signature of the message as bytes object.

class pyflocker.ciphers.backends.cryptography_.ECC.EdDSASignerContext(key: _EdDSAPrivateKeyAdapter)[source]

Bases: BaseEdDSASignerContext

sign(message: bytes) bytes[source]

Return the signature of the message.

Parameters:

msghash – A bytes object.

Returns:

signature of the message as bytes object.

class pyflocker.ciphers.backends.cryptography_.ECC.EdDSAVerifierContext(key: _EdDSAPublicKeyAdapter)[source]

Bases: BaseEdDSAVerifierContext

verify(message: bytes, signature: bytes) None[source]

Verifies the signature of the message.

Parameters:

  • msghash – A bytes object.

  • signature – The signature of the message.

Raises:

SignatureError – if the signature was incorrect.

pyflocker.ciphers.backends.cryptography_.ECC.generate(curve: str) ECCPrivateKey[source]

Generate a private key with given curve curve.

Parameters:

curve – The name of the curve to use.

Returns:

An ECC private key.

Raises:

ValueError – if the curve the name of the curve is invalid.

pyflocker.ciphers.backends.cryptography_.ECC.load_private_key(data: bytes, passphrase: bytes | None = None, *, curve: str | None = None) ECCPrivateKey[source]

Loads the private key and returns a Key interface.

Parameters:

  • data – The private key (a bytes-like object) to deserialize.

  • passphrase – The passphrase (in bytes) that was used to encrypt the private key. None if the key was not encrypted.

  • curve – The name of the curve as string. It is required only for Raw keys.

Returns:

An ECC private key.

Return type:

ECCPrivateKey

pyflocker.ciphers.backends.cryptography_.ECC.load_public_key(data: bytes, *, curve: str | None = None) ECCPublicKey[source]

Loads the public key.

Parameters:

data – The public key (a bytes-like object) to deserialize.

Returns:

An ECC public key.