From 085f37861e4a505a12a1ddb940788a3025fdcf4f Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Tue, 1 Apr 2014 16:18:17 +0100 Subject: Elliptic curve interfaces --- cryptography/hazmat/primitives/interfaces.py | 78 ++++++++++++++++++++++ docs/hazmat/primitives/interfaces.rst | 97 ++++++++++++++++++++++++++++ docs/spelling_wordlist.txt | 2 + 3 files changed, 177 insertions(+) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index 810a67a4..ef8566bd 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py 
@@ -489,3 +489,81 @@ class CMACContext(object): """ Return a CMACContext that is a copy of the current context. """ + + +class EllipticCurve(six.with_metaclass(abc.ABCMeta)): + @abc.abstractproperty + def name(self): + """ + The name of the curve. e.g. secp256r1. + """ + + @abc.abstractproperty + def key_size(self): + """ + The bit length of the base point of the curve. + """ + + +class EllipticCurvePrivateKey(six.with_metaclass(abc.ABCMeta)): + @abc.abstractproperty + def curve(self): + """ + The EllipticCurve that this key is on. + """ + + @abc.abstractproperty + def private_key(self): + """ + The private value used for signing. + """ + + @abc.abstractproperty + def key_size(self): + """ + The bit length of the base point of the curve. + """ + + @abc.abstractproperty + def x(self): + """ + The affine x component of the public point used for verifying. + """ + + @abc.abstractproperty + def y(self): + """ + The affine y component of the public point used for verifying. + """ + + @abc.abstractmethod + def public_key(self): + """ + The ECDSAPublicKey for this private key. + """ + + +class EllipticCurvePublicKey(six.with_metaclass(abc.ABCMeta)): + @abc.abstractproperty + def curve(self): + """ + The EllipticCurve that this key is on. + """ + + @abc.abstractproperty + def x(self): + """ + The affine x component of the public point used for verifying. + """ + + @abc.abstractproperty + def y(self): + """ + The affine y component of the public point used for verifying. + """ + + @abc.abstractproperty + def key_size(self): + """ + The bit length of the base point of the curve. + """ diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index dc09a26f..6ec6de62 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst 
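Review bot: `EllipticCurvePrivateKey` (hunk `@@ -489,3 +489,81 @@`) declares the raw secret scalar as an abstract property, `private_key`, so every provider of the interface must return the signing secret as a Python integer, alongside `x`, `y` and `key_size`. A key whose material stays inside a backend or hardware token cannot satisfy that contract, and any code holding the key object can read the secret. Limiting the interface to operations (`public_key()`, `curve`) and carrying the numbers in a separate value object avoids both problems. The `key_size` docstrings say "The bit length of the base point of the curve", which is ambiguous because a point has two coordinates; if the size of the base point's order is meant, say so, e.g. `The bit length of the order of the curve's base point.` The `public_key` docstring names `ECDSAPublicKey`, which this hunk does not define; `EllipticCurvePublicKey` looks like the intended class.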
@@ -463,6 +463,101 @@ Asymmetric interfaces :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` +.. class:: EllipticCurve + + .. versionadded:: 0.4 + + A named elliptic curve. + + .. attribute:: name + + :type: string + + The name of the curve. Usually the name used for the ASN.1 OID such as + "secp256k1". + + .. attribute:: key_size + + :type: int + + The bit length of the curves base point. + + +.. class:: EllipticCurvePrivateKey + + .. versionadded:: 0.4 + + An elliptic curve private key for use with an algorithm such as `ECDSA`_ or + `EdDSA`_. + + .. attribute:: curve + + :type: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurve` + + The elliptic curve for this key. + + .. attribute:: private_key + + :type: int + + The private key. + + .. attribute:: key_size + + :type: int + + The bit length of the curves base point. + + .. attribute:: x + + :type: int + + The affine x component of the public point used for verifying. + + .. attribute:: y + + :type: int + + The affine y component of the public point used for verifying. + + .. method:: public_key() + + :return: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` + + The EllipticCurvePublicKey object for this private key. + + +.. class:: EllipticCurvePublicKey + + .. versionadded:: 0.4 + + An elliptic curve public key. + + .. attribute:: curve + + :type: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurve` + + The elliptic curve for this key. + + .. attribute:: x + + :type: int + + The affine x component of the public point used for verifying. + + .. attribute:: y + + :type: int + + The affine y component of the public point used for verifying. + + .. attribute:: key_size + + :type: int + + The bit length of the curves base point. + + .. class:: AsymmetricSignatureContext .. versionadded:: 0.2 
@@ -612,3 +707,5 @@ Key derivation functions .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm .. _`CMAC`: https://en.wikipedia.org/wiki/CMAC +.. _`ECDSA`: http://en.wikipedia.org/wiki/ECDSA +.. _`EdDSA`: http://en.wikipedia.org/wiki/EdDSA diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt index b5896158..81acb67e 100644 --- a/docs/spelling_wordlist.txt +++ b/docs/spelling_wordlist.txt @@ -1,3 +1,4 @@ +affine backend backends Backends @@ -32,6 +33,7 @@ plaintext pseudorandom Schneier scrypt +secp testability unencrypted unpadded -- cgit v1.2.3 From df7ba81f4e89048c6a13dfded26786a7cc593762 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Wed, 16 Apr 2014 11:11:35 +0100 Subject: Use @six.add_metaclass(abc.ABCMeta) --- cryptography/hazmat/primitives/interfaces.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index ef8566bd..bec7ee7f 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -491,7 +491,8 @@ class CMACContext(object): """ -class EllipticCurve(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class EllipticCurve(object): @abc.abstractproperty def name(self): """ @@ -505,7 +506,8 @@ class EllipticCurve(six.with_metaclass(abc.ABCMeta)): """ -class EllipticCurvePrivateKey(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class EllipticCurvePrivateKey(object): @abc.abstractproperty def curve(self): """ @@ -543,7 +545,8 @@ class EllipticCurvePrivateKey(six.with_metaclass(abc.ABCMeta)): """ -class EllipticCurvePublicKey(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class EllipticCurvePublicKey(object): @abc.abstractproperty def curve(self): """ -- cgit v1.2.3 
From b72e53ced354e34354a321fc3d5f1ca7b6fddf4e Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Fri, 18 Apr 2014 11:11:44 +0100 Subject: Add signing and verifying interfaces --- cryptography/hazmat/primitives/interfaces.py | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index bec7ee7f..f270cc5a 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -506,8 +506,19 @@ class EllipticCurve(object): """ +@six.add_metaclass(abc.ABCMeta) +class EllipticCurveSignatureAlgorithm(object): + pass + + @six.add_metaclass(abc.ABCMeta) class EllipticCurvePrivateKey(object): + @abc.abstractmethod + def signer(self, signature_algorithm, digest_algorithm, backend): + """ + Returns an AsymmetricSignatureContext used for signing data. + """ + @abc.abstractproperty def curve(self): """ @@ -541,12 +552,18 @@ class EllipticCurvePrivateKey(object): @abc.abstractmethod def public_key(self): """ - The ECDSAPublicKey for this private key. + The EllipticCurvePublicKey for this private key. """ @six.add_metaclass(abc.ABCMeta) class EllipticCurvePublicKey(object): + @abc.abstractmethod + def verifier(self, signature_algorithm, digest_algorithm, backend): + """ + Returns an AsymmetricSignatureContext used for signing data. + """ + @abc.abstractproperty def curve(self): """ -- cgit v1.2.3 From a1853f9bdbabd1f7c48229272915e1fcf4b998e7 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Fri, 18 Apr 2014 11:38:28 +0100 Subject: Flesh out EllipticCurveSignatureAlgorithm --- cryptography/hazmat/primitives/interfaces.py | 14 ++++- docs/hazmat/primitives/interfaces.rst | 87 ++++++++++++++++++++++++++++ 2 files changed, 99 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index f270cc5a..5bca9c52 100644 
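Review bot: In the second hunk of the "Add signing and verifying interfaces" commit (`@@ -541,12 +552,18 @@`) the new `EllipticCurvePublicKey.verifier` docstring is a copy of the signer's, "Returns an AsymmetricSignatureContext used for signing data.", so the verification entry point is documented as producing a signing context. It should read `Returns an AsymmetricVerificationContext used for verifying a signature.` The later hunks on this page that touch these docstrings (`@@ -508,7 +508,17 @@`, `@@ -561,7 +571,7 @@`) correct only the class name and keep "used for signing data", so the same wording fix applies there. `verifier` takes no signature argument in this commit, so the docstring should also say where the signature under test is supplied.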
--- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -508,7 +508,17 @@ class EllipticCurve(object): @six.add_metaclass(abc.ABCMeta) class EllipticCurveSignatureAlgorithm(object): - pass + @abc.abstractmethod + def signer(self, private_key, algorithm, backend): + """ + Returns an AsymmetricSignatureContext used for signing data. + """ + + @abc.abstractmethod + def verifier(self, public_key, algorithm, backend): + """ + Returns an AsymmetricVerificationContext used for signing data. + """ @six.add_metaclass(abc.ABCMeta) @@ -561,7 +571,7 @@ class EllipticCurvePublicKey(object): @abc.abstractmethod def verifier(self, signature_algorithm, digest_algorithm, backend): """ - Returns an AsymmetricSignatureContext used for signing data. + Returns an AsymmetricVerificationContext used for signing data. """ @abc.abstractproperty diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 6ec6de62..e53c6099 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst 
@@ -483,6 +483,54 @@ Asymmetric interfaces The bit length of the curves base point. +.. class:: EllipticCurveSignatureAlgorithm + + .. versionadded:: 0.4 + + A signature algorithm for use with elliptic curve keys. + + .. method:: signer(private_key, algorithm, backend) + + Sign data which can be verified later by others using the public key. + + :param private_key: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePrivateKey` + provider. + + :param algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + + :returns: + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` + + .. method:: verifier(public_key, algorithm, backend) + + Verify data was signed by the private key associated with this public + key. + + :param bytes signature: The signature to verify. + + :param public_key: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` + provider. + + :param algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + + :returns: + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` + + .. class:: EllipticCurvePrivateKey .. versionadded:: 0.4 
@@ -490,6 +538,25 @@ Asymmetric interfaces An elliptic curve private key for use with an algorithm such as `ECDSA`_ or `EdDSA`_. + .. classmethod:: signer(signature_algorithm, digest_algorithm, backend) + + Sign data which can be verified later by others using the public key. + + :param signature_algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurveSignatureAlgorithm` + provider. + + :param digest_algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + + :returns: + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` + .. attribute:: curve :type: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurve` @@ -533,6 +600,26 @@ Asymmetric interfaces An elliptic curve public key. + .. classmethod:: verifier(signature_algorithm, digest_algorithm, backend) + + Verify data was signed by the private key associated with this public + key. + + :param signature_algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurveSignatureAlgorithm` + provider. + + :param digest_algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + + :returns: + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` + .. attribute:: curve :type: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurve` -- cgit v1.2.3 From 69579ffe94195df7d23f5291c631a9f0e3f6a7c2 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sun, 20 Apr 2014 16:35:29 +0100 Subject: Fixup how the digest algorithm is sent --- cryptography/hazmat/primitives/interfaces.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) 
diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index 5bca9c52..a966d15a 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -508,14 +508,20 @@ class EllipticCurve(object): @six.add_metaclass(abc.ABCMeta) class EllipticCurveSignatureAlgorithm(object): + @abc.abstractproperty + def algorithm(self): + """ + The digest algorithm used with this signature. + """ + @abc.abstractmethod - def signer(self, private_key, algorithm, backend): + def signer(self, private_key, backend): """ Returns an AsymmetricSignatureContext used for signing data. """ @abc.abstractmethod - def verifier(self, public_key, algorithm, backend): + def verifier(self, signature, public_key, backend): """ Returns an AsymmetricVerificationContext used for signing data. """ @@ -524,7 +530,7 @@ class EllipticCurveSignatureAlgorithm(object): @six.add_metaclass(abc.ABCMeta) class EllipticCurvePrivateKey(object): @abc.abstractmethod - def signer(self, signature_algorithm, digest_algorithm, backend): + def signer(self, signature_algorithm, backend): """ Returns an AsymmetricSignatureContext used for signing data. """ @@ -569,7 +575,7 @@ class EllipticCurvePrivateKey(object): @six.add_metaclass(abc.ABCMeta) class EllipticCurvePublicKey(object): @abc.abstractmethod - def verifier(self, signature_algorithm, digest_algorithm, backend): + def verifier(self, signature, signature_algorithm, backend): """ Returns an AsymmetricVerificationContext used for signing data. """ -- cgit v1.2.3 From 80228a19eaeebb3d9f46faccc2679ba0ef2b09ae Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sun, 20 Apr 2014 16:44:26 +0100 Subject: Update docs --- docs/hazmat/primitives/interfaces.rst | 32 ++++++++++++-------------------- 1 file changed, 12 insertions(+), 20 deletions(-) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index e53c6099..d7f3298b 100644 
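Review bot: The new leading `signature` argument of `EllipticCurveSignatureAlgorithm.verifier` and `EllipticCurvePublicKey.verifier` (hunks `@@ -508,14 +508,20 @@` and `@@ -569,7 +575,7 @@`) is not described in either docstring. For a verification API the type and encoding of the signature are part of the contract: implementations that disagree (a DER-encoded pair versus fixed-width concatenated integers, say; which is intended is not visible here) will reject each other's valid signatures. I would add a line such as `signature: bytes, the encoded signature to verify (state the encoding).` to both docstrings. With the digest moved into the `algorithm` property, `signer` and `verifier` no longer say which hash the returned context uses; one sentence stating that it is `signature_algorithm.algorithm` would pin that down.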
--- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -489,7 +489,13 @@ Asymmetric interfaces A signature algorithm for use with elliptic curve keys. - .. method:: signer(private_key, algorithm, backend) + .. attribute:: algorithm + + :type: :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + + The digest algorithm to be used with the signature scheme. + + .. method:: signer(private_key, backend) Sign data which can be verified later by others using the public key. @@ -497,10 +503,6 @@ Asymmetric interfaces :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePrivateKey` provider. - :param algorithm: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` - provider. - :param backend: A :class:`~cryptography.hazmat.backends.interfaces.RSABackend` provider. @@ -508,7 +510,7 @@ Asymmetric interfaces :returns: :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` - .. method:: verifier(public_key, algorithm, backend) + .. method:: verifier(signature, public_key, backend) Verify data was signed by the private key associated with this public key. @@ -519,10 +521,6 @@ Asymmetric interfaces :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` provider. - :param algorithm: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` - provider. - :param backend: A :class:`~cryptography.hazmat.backends.interfaces.RSABackend` provider. @@ -538,7 +536,7 @@ Asymmetric interfaces An elliptic curve private key for use with an algorithm such as `ECDSA`_ or `EdDSA`_. - .. classmethod:: signer(signature_algorithm, digest_algorithm, backend) + .. classmethod:: signer(signature_algorithm, backend) Sign data which can be verified later by others using the public key. 
@@ -546,10 +544,6 @@ Asymmetric interfaces :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurveSignatureAlgorithm` provider. - :param digest_algorithm: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` - provider. - :param backend: A :class:`~cryptography.hazmat.backends.interfaces.RSABackend` provider. @@ -600,19 +594,17 @@ Asymmetric interfaces An elliptic curve public key. - .. classmethod:: verifier(signature_algorithm, digest_algorithm, backend) + .. classmethod:: verifier(signer, signature_algorithm, backend) Verify data was signed by the private key associated with this public key. + :param bytes signature: The signature to verify. + :param signature_algorithm: An instance of a :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurveSignatureAlgorithm` provider. - :param digest_algorithm: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` - provider. - :param backend: A :class:`~cryptography.hazmat.backends.interfaces.RSABackend` provider. -- cgit v1.2.3 From 20c99038a184928282d5b0598e7c201c0b851851 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 3 May 2014 21:06:46 +0100 Subject: Bump to 0.5 --- docs/hazmat/primitives/interfaces.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index d7f3298b..97f89b28 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -465,7 +465,7 @@ Asymmetric interfaces .. class:: EllipticCurve - .. versionadded:: 0.4 + .. versionadded:: 0.5 A named elliptic curve. @@ -485,7 +485,7 @@ Asymmetric interfaces .. class:: EllipticCurveSignatureAlgorithm - .. versionadded:: 0.4 + .. versionadded:: 0.5 A signature algorithm for use with elliptic curve keys. 
@@ -531,7 +531,7 @@ Asymmetric interfaces .. class:: EllipticCurvePrivateKey - .. versionadded:: 0.4 + .. versionadded:: 0.5 An elliptic curve private key for use with an algorithm such as `ECDSA`_ or `EdDSA`_. @@ -590,7 +590,7 @@ Asymmetric interfaces .. class:: EllipticCurvePublicKey - .. versionadded:: 0.4 + .. versionadded:: 0.5 An elliptic curve public key. -- cgit v1.2.3 From b987a08652a8866c49325cd5f920b8674d934836 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Fri, 16 May 2014 21:24:35 +0100 Subject: Removed signer/verifier from signature algorithm --- cryptography/hazmat/primitives/interfaces.py | 12 ---------- docs/hazmat/primitives/interfaces.rst | 33 ---------------------------- 2 files changed, 45 deletions(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index a966d15a..9ba98798 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -514,18 +514,6 @@ class EllipticCurveSignatureAlgorithm(object): The digest algorithm used with this signature. """ - @abc.abstractmethod - def signer(self, private_key, backend): - """ - Returns an AsymmetricSignatureContext used for signing data. - """ - - @abc.abstractmethod - def verifier(self, signature, public_key, backend): - """ - Returns an AsymmetricVerificationContext used for signing data. - """ - @six.add_metaclass(abc.ABCMeta) class EllipticCurvePrivateKey(object): diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 97f89b28..9a957cc2 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst 
@@ -495,39 +495,6 @@ Asymmetric interfaces The digest algorithm to be used with the signature scheme. - .. method:: signer(private_key, backend) - - Sign data which can be verified later by others using the public key. - - :param private_key: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePrivateKey` - provider. - - :param backend: A - :class:`~cryptography.hazmat.backends.interfaces.RSABackend` - provider. - - :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` - - .. method:: verifier(signature, public_key, backend) - - Verify data was signed by the private key associated with this public - key. - - :param bytes signature: The signature to verify. - - :param public_key: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` - provider. - - :param backend: A - :class:`~cryptography.hazmat.backends.interfaces.RSABackend` - provider. - - :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` - .. class:: EllipticCurvePrivateKey -- cgit v1.2.3 From fc7e24aafc8de687c97c6416758b462b411d20fc Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Fri, 16 May 2014 22:24:11 +0100 Subject: Separate ECC key material from operations --- cryptography/hazmat/primitives/asymmetric/ec.py | 69 +++++++++++++++++++++++ cryptography/hazmat/primitives/interfaces.py | 52 ++---------------- tests/hazmat/primitives/test_ec.py | 73 +++++++++++++++++++++++++ 3 files changed, 147 insertions(+), 47 deletions(-) create mode 100644 cryptography/hazmat/primitives/asymmetric/ec.py create mode 100644 tests/hazmat/primitives/test_ec.py diff --git a/cryptography/hazmat/primitives/asymmetric/ec.py b/cryptography/hazmat/primitives/asymmetric/ec.py new file mode 100644 index 00000000..29ab67d5 --- /dev/null +++ b/cryptography/hazmat/primitives/asymmetric/ec.py 
@@ -0,0 +1,69 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import absolute_import, division, print_function
+
+import six
+
+from cryptography.hazmat.primitives import interfaces
+
+
+class EllipticCurvePublicNumbers(object):
+ def __init__(self, x, y, curve):
+ if (
+ not isinstance(x, six.integer_types) or
+ not isinstance(y, six.integer_types)
+ ):
+ raise TypeError("x and y must be integers.")
+
+ if not isinstance(curve, interfaces.EllipticCurve):
+ raise TypeError("curve must provide the EllipticCurve interface.")
+
+ self._y = y
+ self._x = x
+ self._curve = curve
+
+ @property
+ def curve(self):
+ return self._curve
+
+ @property
+ def x(self):
+ return self._x
+
+ @property
+ def y(self):
+ return self._y
+
+
+class EllipticCurvePrivateNumbers(object):
+ def __init__(self, private_key, public_numbers):
+ if not isinstance(private_key, six.integer_types):
+ raise TypeError("private_key must be an integer.")
+
+ if not isinstance(public_numbers, EllipticCurvePublicNumbers):
+ raise TypeError(
+ "public_numbers must be an EllipticCurvePublicNumbers "
+ "instance."
+ )
+
+ self._private_key = private_key
+ self._public_numbers = public_numbers
+
+ @property
+ def private_key(self):
+ return self._private_key
+
+ @property
+ def public_numbers(self):
+ return self._public_numbers
diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py
index 9ba98798..76d7e688 100644
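Review bot: `EllipticCurvePublicNumbers.__init__` and `EllipticCurvePrivateNumbers.__init__` in the new `ec.py` (hunk `@@ -0,0 +1,69 @@`) check only that the values are integers, so negative numbers, zero, `True`/`False` (bool is an integer type) and coordinates that are not a point on `curve` are all accepted. The classes hold no curve parameters to check against, but neither has a docstring saying the numbers are unvalidated and that whatever turns them into a usable key must check the scalar's range and that (x, y) lies on the curve; accepting off-curve public points is a well-known source of key-recovery weaknesses in EC code. I would add class docstrings stating that and reject the cheap cases here, e.g. `if x < 0 or y < 0: raise ValueError("x and y must be non-negative.")` and `if private_key <= 0: raise ValueError("private_key must be positive.")`. If a `__repr__` is added later it should leave out `private_key`.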
--- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -523,40 +523,16 @@ class EllipticCurvePrivateKey(object): Returns an AsymmetricSignatureContext used for signing data. """ - @abc.abstractproperty - def curve(self): - """ - The EllipticCurve that this key is on. - """ - - @abc.abstractproperty - def private_key(self): - """ - The private value used for signing. - """ - - @abc.abstractproperty - def key_size(self): - """ - The bit length of the base point of the curve. - """ - - @abc.abstractproperty - def x(self): + @abc.abstractmethod + def public_key(self): """ - The affine x component of the public point used for verifying. + The EllipticCurvePublicKey for this private key. """ @abc.abstractproperty - def y(self): - """ - The affine y component of the public point used for verifying. - """ - - @abc.abstractmethod - def public_key(self): + def curve(self): """ - The EllipticCurvePublicKey for this private key. + The EllipticCurve that this key is on. """ @@ -573,21 +549,3 @@ class EllipticCurvePublicKey(object): """ The EllipticCurve that this key is on. """ - - @abc.abstractproperty - def x(self): - """ - The affine x component of the public point used for verifying. - """ - - @abc.abstractproperty - def y(self): - """ - The affine y component of the public point used for verifying. - """ - - @abc.abstractproperty - def key_size(self): - """ - The bit length of the base point of the curve. - """ diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py new file mode 100644 index 00000000..9b31a2a6 --- /dev/null +++ b/tests/hazmat/primitives/test_ec.py 
@@ -0,0 +1,73 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+from __future__ import absolute_import, division, print_function
+
+import pytest
+
+from cryptography import utils
+from cryptography.hazmat.primitives import interfaces
+from cryptography.hazmat.primitives.asymmetric import ec
+
+
+@utils.register_interface(interfaces.EllipticCurve)
+class DummyCurve(object):
+ name = "dummy-curve"
+
+
+class TestECC(object):
+ def test_ec_numbers(self):
+ numbers = ec.EllipticCurvePrivateNumbers(
+ 1,
+ ec.EllipticCurvePublicNumbers(
+ 2, 3, DummyCurve()
+ )
+ )
+
+ assert numbers.private_key == 1
+ assert numbers.public_numbers.x == 2
+ assert numbers.public_numbers.y == 3
+ assert isinstance(numbers.public_numbers.curve, DummyCurve)
+
+ with pytest.raises(TypeError):
+ ec.EllipticCurvePrivateNumbers(
+ None,
+ ec.EllipticCurvePublicNumbers(
+ 2, 3, DummyCurve()
+ )
+ )
+
+ with pytest.raises(TypeError):
+ ec.EllipticCurvePrivateNumbers(
+ 1,
+ ec.EllipticCurvePublicNumbers(
+ None, 3, DummyCurve()
+ )
+ )
+
+ with pytest.raises(TypeError):
+ ec.EllipticCurvePrivateNumbers(
+ 1,
+ ec.EllipticCurvePublicNumbers(
+ 2, None, DummyCurve()
+ )
+ )
+
+ with pytest.raises(TypeError):
+ ec.EllipticCurvePrivateNumbers(
+ 1,
+ ec.EllipticCurvePublicNumbers(
+ 2, 3, None
+ )
+ )
-- cgit v1.2.3
From 23a6266ac6a763f07ce397af0c1957cc124e7f81 Mon Sep 17 00:00:00 2001
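Review bot: No case in `test_ec_numbers` (hunk `@@ -0,0 +1,73 @@`) reaches the `isinstance(public_numbers, EllipticCurvePublicNumbers)` check in `EllipticCurvePrivateNumbers.__init__`. The last three `pytest.raises(TypeError)` blocks fail inside the inner `EllipticCurvePublicNumbers(...)` call before the outer constructor runs, so they pass whatever the private-numbers constructor does. Add a direct case, `with pytest.raises(TypeError): ec.EllipticCurvePrivateNumbers(1, None)`, and call `ec.EllipticCurvePublicNumbers(...)` on its own in the three coordinate and curve cases so that each block names the constructor it exercises. `DummyCurve` defines only `name` and not `key_size`; whether `register_interface` checks for the interface's abstract members is not visible here, so adding `key_size` to the dummy would keep the test valid either way.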
From: Alex Stapleton Date: Fri, 16 May 2014 22:43:40 +0100 Subject: Add docs for EC numbers --- docs/hazmat/primitives/asymmetric/ec.rst | 51 ++++++++++++++++++++++++++++++++ docs/hazmat/primitives/interfaces.rst | 30 ------------------- 2 files changed, 51 insertions(+), 30 deletions(-) create mode 100644 docs/hazmat/primitives/asymmetric/ec.rst diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst new file mode 100644 index 00000000..44c24d7f --- /dev/null +++ b/docs/hazmat/primitives/asymmetric/ec.rst @@ -0,0 +1,51 @@ +.. hazmat:: + +Elliptic Curve +============== + +.. currentmodule:: cryptography.hazmat.primitives.asymmetric.ec + + +.. class:: EllipticCurvePrivateNumbers + + .. versionadded:: 0.5 + + The collection of integers that make up an EC private key. + + .. attribute:: public_numbers + + :type: :class:`~cryptography.hazmat.primitives.ec.EllipticCurvePublicNumbers` + + The :class:`EllipticCurvePublicNumbers` which makes up the EC public + key associated with this EC private key. + + .. attribute:: private_key + + :type: int + + The private key. + + +.. class:: EllipticCurvePublicNumbers + + .. versionadded:: 0.5 + + The collection of integers that make up an EC public key. + + .. attribute:: curve + + :type: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurve` + + The elliptic curve for this key. + + .. attribute:: x + + :type: int + + The affine x component of the public point used for verifying. + + .. attribute:: y + + :type: int + + The affine y component of the public point used for verifying. diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 9a957cc2..f4597fbf 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst 
@@ -524,30 +524,12 @@ Asymmetric interfaces The elliptic curve for this key. - .. attribute:: private_key - - :type: int - - The private key. - .. attribute:: key_size :type: int The bit length of the curves base point. - .. attribute:: x - - :type: int - - The affine x component of the public point used for verifying. - - .. attribute:: y - - :type: int - - The affine y component of the public point used for verifying. - .. method:: public_key() :return: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` @@ -585,18 +567,6 @@ Asymmetric interfaces The elliptic curve for this key. - .. attribute:: x - - :type: int - - The affine x component of the public point used for verifying. - - .. attribute:: y - - :type: int - - The affine y component of the public point used for verifying. - .. attribute:: key_size :type: int -- cgit v1.2.3 From 3d643c57c219d9560890381561d831b789305c3c Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 17 May 2014 16:59:58 +0100 Subject: Add __init__ arguments to docs --- docs/hazmat/primitives/asymmetric/ec.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst index 44c24d7f..4b0d30c5 100644 --- a/docs/hazmat/primitives/asymmetric/ec.rst +++ b/docs/hazmat/primitives/asymmetric/ec.rst @@ -6,7 +6,7 @@ Elliptic Curve .. currentmodule:: cryptography.hazmat.primitives.asymmetric.ec -.. class:: EllipticCurvePrivateNumbers +.. class:: EllipticCurvePrivateNumbers(private_key, public_numbers) .. versionadded:: 0.5 @@ -26,7 +26,7 @@ Elliptic Curve The private key. -.. class:: EllipticCurvePublicNumbers +.. class:: EllipticCurvePublicNumbers(x, y, curve) .. versionadded:: 0.5 -- cgit v1.2.3 From 977b409ed8aa9c26b2e3a1bdb6147b7c4435c1be Mon Sep 17 00:00:00 2001 
From: Alex Stapleton Date: Sat, 17 May 2014 17:02:42 +0100 Subject: Remove key_size from EC keys docs --- docs/hazmat/primitives/interfaces.rst | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index f4597fbf..c5a430d2 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -524,12 +524,6 @@ Asymmetric interfaces The elliptic curve for this key. - .. attribute:: key_size - - :type: int - - The bit length of the curves base point. - .. method:: public_key() :return: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey` @@ -567,12 +561,6 @@ Asymmetric interfaces The elliptic curve for this key. - .. attribute:: key_size - - :type: int - - The bit length of the curves base point. - .. class:: AsymmetricSignatureContext -- cgit v1.2.3 From 81ce8ef0ad52edac1d252c9bc7485c79ba2fcec9 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 17 May 2014 20:08:44 +0100 Subject: Add EC docs to the index --- docs/hazmat/primitives/asymmetric/index.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/hazmat/primitives/asymmetric/index.rst b/docs/hazmat/primitives/asymmetric/index.rst index 047f9cb9..6a5228ba 100644 --- a/docs/hazmat/primitives/asymmetric/index.rst +++ b/docs/hazmat/primitives/asymmetric/index.rst @@ -7,6 +7,7 @@ Asymmetric algorithms :maxdepth: 1 dsa + ec rsa padding serialization -- cgit v1.2.3 From a264eccab51b57422b99bd12d58a3f2a3f15ac1c Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sun, 18 May 2014 15:31:56 +0100 Subject: Rename private_key to private_value --- cryptography/hazmat/primitives/asymmetric/ec.py | 12 ++++++------ docs/hazmat/primitives/asymmetric/ec.rst | 6 +++--- tests/hazmat/primitives/test_ec.py | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) 
diff --git a/cryptography/hazmat/primitives/asymmetric/ec.py b/cryptography/hazmat/primitives/asymmetric/ec.py index 29ab67d5..1e49ad7b 100644 --- a/cryptography/hazmat/primitives/asymmetric/ec.py +++ b/cryptography/hazmat/primitives/asymmetric/ec.py @@ -47,9 +47,9 @@ class EllipticCurvePublicNumbers(object): class EllipticCurvePrivateNumbers(object): - def __init__(self, private_key, public_numbers): - if not isinstance(private_key, six.integer_types): - raise TypeError("private_key must be an integer.") + def __init__(self, private_value, public_numbers): + if not isinstance(private_value, six.integer_types): + raise TypeError("private_value must be an integer.") if not isinstance(public_numbers, EllipticCurvePublicNumbers): raise TypeError( @@ -57,12 +57,12 @@ class EllipticCurvePrivateNumbers(object): "instance." ) - self._private_key = private_key + self._private_value = private_value self._public_numbers = public_numbers @property - def private_key(self): - return self._private_key + def private_value(self): + return self._private_value @property def public_numbers(self): diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst index 4b0d30c5..f88b965a 100644 --- a/docs/hazmat/primitives/asymmetric/ec.rst +++ b/docs/hazmat/primitives/asymmetric/ec.rst @@ -6,7 +6,7 @@ Elliptic Curve .. currentmodule:: cryptography.hazmat.primitives.asymmetric.ec -.. class:: EllipticCurvePrivateNumbers(private_key, public_numbers) +.. class:: EllipticCurvePrivateNumbers(private_value, public_numbers) .. versionadded:: 0.5 @@ -19,11 +19,11 @@ Elliptic Curve The :class:`EllipticCurvePublicNumbers` which makes up the EC public key associated with this EC private key. - .. attribute:: private_key + .. attribute:: private_value :type: int - The private key. + The private value. .. class:: EllipticCurvePublicNumbers(x, y, curve) diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 9b31a2a6..f61b4a9b 100644 
--- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -35,7 +35,7 @@ class TestECC(object): ) ) - assert numbers.private_key == 1 + assert numbers.private_value == 1 assert numbers.public_numbers.x == 2 assert numbers.public_numbers.y == 3 assert isinstance(numbers.public_numbers.curve, DummyCurve) -- cgit v1.2.3 From 33c9d838bcc9ed04d184bf86702499aed6faceab Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Fri, 23 May 2014 21:31:51 +0100 Subject: Make EC key interfaces backend specific --- cryptography/hazmat/primitives/interfaces.py | 4 ++-- docs/hazmat/primitives/interfaces.rst | 12 ++---------- 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index 76d7e688..0dd1d01a 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -518,7 +518,7 @@ class EllipticCurveSignatureAlgorithm(object): @six.add_metaclass(abc.ABCMeta) class EllipticCurvePrivateKey(object): @abc.abstractmethod - def signer(self, signature_algorithm, backend): + def signer(self, signature_algorithm): """ Returns an AsymmetricSignatureContext used for signing data. """ @@ -539,7 +539,7 @@ class EllipticCurvePrivateKey(object): @six.add_metaclass(abc.ABCMeta) class EllipticCurvePublicKey(object): @abc.abstractmethod - def verifier(self, signature, signature_algorithm, backend): + def verifier(self, signature, signature_algorithm): """ Returns an AsymmetricVerificationContext used for signing data. """ diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index c5a430d2..c7b94ff2 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst 
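Review bot: The docstring under `verifier` in the second `interfaces.py` hunk still says "Returns an AsymmetricVerificationContext used for signing data", which names the wrong operation. It should read `Returns an AsymmetricVerificationContext used for verifying a signature.` With `backend` removed from both `signer` and `verifier`, neither docstring records that the key object is now expected to carry its own backend, which is what the commit subject implies. A sentence such as `The key is bound to the backend that created it.` in each docstring would state that contract for implementers. Both class bodies continue outside the hunks, so this covers only the two methods shown.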
@@ -503,7 +503,7 @@ Asymmetric interfaces An elliptic curve private key for use with an algorithm such as `ECDSA`_ or `EdDSA`_. - .. classmethod:: signer(signature_algorithm, backend) + .. classmethod:: signer(signature_algorithm) Sign data which can be verified later by others using the public key. @@ -511,10 +511,6 @@ Asymmetric interfaces :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurveSignatureAlgorithm` provider. - :param backend: A - :class:`~cryptography.hazmat.backends.interfaces.RSABackend` - provider. - :returns: :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` @@ -537,7 +533,7 @@ Asymmetric interfaces An elliptic curve public key. - .. classmethod:: verifier(signer, signature_algorithm, backend) + .. classmethod:: verifier(signer, signature_algorithm) Verify data was signed by the private key associated with this public key. @@ -548,10 +544,6 @@ Asymmetric interfaces :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurveSignatureAlgorithm` provider. - :param backend: A - :class:`~cryptography.hazmat.backends.interfaces.RSABackend` - provider. - :returns: :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` -- cgit v1.2.3 From 6e52674222a32d57a002137baa0d57df132b40d4 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Fri, 23 May 2014 22:06:06 +0100 Subject: Remove secp from spelling dictionary --- docs/hazmat/primitives/interfaces.rst | 2 +- docs/spelling_wordlist.txt | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index c7b94ff2..0998a0ca 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -474,7 +474,7 @@ Asymmetric interfaces :type: string The name of the curve. Usually the name used for the ASN.1 OID such as - "secp256k1". + ``secp256k1``. .. attribute:: key_size 
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt index 81acb67e..9baf0822 100644 --- a/docs/spelling_wordlist.txt +++ b/docs/spelling_wordlist.txt @@ -33,7 +33,6 @@ plaintext pseudorandom Schneier scrypt -secp testability unencrypted unpadded -- cgit v1.2.3 From d9c1ebac886658ca988d9d3ea3bf2841c9554241 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Fri, 23 May 2014 22:33:35 +0100 Subject: Test EC public numbers type error --- tests/hazmat/primitives/test_ec.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index f61b4a9b..53985fe2 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -71,3 +71,9 @@ class TestECC(object): 2, 3, None ) ) + + with pytest.raises(TypeError): + ec.EllipticCurvePrivateNumbers( + 1, + None + ) -- cgit v1.2.3 From 24258ec6147e9c323b058ec7a165c52bc50ccdfc Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sat, 24 May 2014 12:15:59 +0100 Subject: doc8 fixes --- docs/hazmat/primitives/interfaces.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 0998a0ca..e4e007ce 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -504,7 +504,7 @@ Asymmetric interfaces `EdDSA`_. .. classmethod:: signer(signature_algorithm) - + Sign data which can be verified later by others using the public key. :param signature_algorithm: An instance of a @@ -534,7 +534,7 @@ Asymmetric interfaces An elliptic curve public key. .. classmethod:: verifier(signer, signature_algorithm) - + Verify data was signed by the private key associated with this public key. -- cgit v1.2.3 From d436569bb729b97a856b0e69fcf7a9c09d298964 Mon Sep 17 00:00:00 2001 
From: Alex Stapleton Date: Mon, 26 May 2014 09:25:25 +0100 Subject: Apostophe --- docs/hazmat/primitives/interfaces.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index e4e007ce..b2857f58 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -480,7 +480,7 @@ Asymmetric interfaces :type: int - The bit length of the curves base point. + The bit length of the curve's base point. .. class:: EllipticCurveSignatureAlgorithm -- cgit v1.2.3