add convenience methods for key_size on EC{Public,Private}Key (#3587)

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2017-05-23 23:38:59 -0700
committer: Alex Gaynor <alex.gaynor@gmail.com> 2017-05-23 23:38:59 -0700
commit: 416f526a3d809d330b4a990bdf4a742384bde8f8 (patch)
tree: 93db904bb4dc50dd572d2cb4c54c0dee9bd12eb6
parent: 0517d1ae49061f486e2e4d279d70b6b61361de2f (diff)
download: cryptography-416f526a3d809d330b4a990bdf4a742384bde8f8.tar.gz
cryptography-416f526a3d809d330b4a990bdf4a742384bde8f8.tar.bz2
cryptography-416f526a3d809d330b4a990bdf4a742384bde8f8.zip
5 files changed, 54 insertions, 1 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 0e7619e5..81aca4e5 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -21,6 +21,12 @@ Changelog
   :meth:`~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag`.
 * Fixed an issue preventing ``cryptography`` from compiling against
   LibreSSL 2.5.x.
+* Added
+  :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.key_size`
+  and
+  :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.key_size`
+  as convenience methods for determining the bit size of a secret scalar for
+  the curve.
 * Accessing an unrecognized extension marked critical on an X.509 object will
   no longer raise an ``UnsupportedExtension`` exception, instead an
   :class:`~cryptography.x509.UnrecognizedExtension` object will be returned.
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst
index 3c595fac..46f2f5ac 100644
--- a/docs/hazmat/primitives/asymmetric/ec.rst
+++ b/docs/hazmat/primitives/asymmetric/ec.rst
@@ -459,6 +459,15 @@ Key Interfaces
 
         :return bytes: Signature.
 
+    .. attribute:: key_size
+
+        .. versionadded:: 1.9
+
+        :type: int
+
+        Size (in bits) of a secret scalar for the curve (as generated by
+        :func:`generate_private_key`).
+
 
 .. class:: EllipticCurvePrivateKeyWithSerialization
 
@@ -565,6 +574,15 @@ Key Interfaces
         :raises cryptography.exceptions.InvalidSignature: If the signature does
             not validate.
 
+    .. attribute:: key_size
+
+        .. versionadded:: 1.9
+
+        :type: int
+
+        Size (in bits) of a secret scalar for the curve (as generated by
+        :func:`generate_private_key`).
+
 
 .. class:: EllipticCurvePublicKeyWithSerialization
 
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py
index 68a35b21..3a81f919 100644
--- a/src/cryptography/hazmat/backends/openssl/ec.py
+++ b/src/cryptography/hazmat/backends/openssl/ec.py
@@ -135,6 +135,10 @@ class _EllipticCurvePrivateKey(object):
 
     curve = utils.read_only_property("_curve")
 
+    @property
+    def key_size(self):
+        return self.curve.key_size
+
     def signer(self, signature_algorithm):
         _check_signature_algorithm(signature_algorithm)
         return _ECDSASignatureContext(
@@ -231,6 +235,10 @@ class _EllipticCurvePublicKey(object):
 
     curve = utils.read_only_property("_curve")
 
+    @property
+    def key_size(self):
+        return self.curve.key_size
+
     def verifier(self, signature, signature_algorithm):
         if not isinstance(signature, bytes):
             raise TypeError("signature must be bytes.")
diff --git a/src/cryptography/hazmat/primitives/asymmetric/ec.py b/src/cryptography/hazmat/primitives/asymmetric/ec.py
index a527387b..7931b086 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/ec.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/ec.py
@@ -22,7 +22,7 @@ class EllipticCurve(object):
     @abc.abstractproperty
     def key_size(self):
         """
-        The bit length of the base point of the curve.
+        Bit size of a secret scalar for the curve.
         """
 
 
@@ -63,6 +63,12 @@ class EllipticCurvePrivateKey(object):
         """
 
     @abc.abstractproperty
+    def key_size(self):
+        """
+        Bit size of a secret scalar for the curve.
+        """
+
+    @abc.abstractproperty
     def sign(self, data, signature_algorithm):
         """
         Signs the data
@@ -98,6 +104,12 @@ class EllipticCurvePublicKey(object):
         The EllipticCurve that this key is on.
         """
 
+    @abc.abstractproperty
+    def key_size(self):
+        """
+        Bit size of a secret scalar for the curve.
+        """
+
     @abc.abstractmethod
     def public_numbers(self):
         """
diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index ad4bbc51..d5db52ab 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -277,6 +277,15 @@ def test_ec_private_numbers_hash():
 
 
 @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend)
+def test_ec_key_key_size(backend):
+    curve = ec.SECP256R1()
+    _skip_curve_unsupported(backend, curve)
+    key = ec.generate_private_key(curve, backend)
+    assert key.key_size == 256
+    assert key.public_key().key_size == 256
+
+
+@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend)
 class TestECWithNumbers(object):
     @pytest.mark.parametrize(
         ("vector", "hash_type"),
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2017-05-23 23:38:59 -0700
committer	Alex Gaynor <alex.gaynor@gmail.com>	2017-05-23 23:38:59 -0700
commit	416f526a3d809d330b4a990bdf4a742384bde8f8 (patch)
tree	93db904bb4dc50dd572d2cb4c54c0dee9bd12eb6
parent	0517d1ae49061f486e2e4d279d70b6b61361de2f (diff)
download	cryptography-416f526a3d809d330b4a990bdf4a742384bde8f8.tar.gz cryptography-416f526a3d809d330b4a990bdf4a742384bde8f8.tar.bz2 cryptography-416f526a3d809d330b4a990bdf4a742384bde8f8.zip