ecdsa.ecdsa module

Low level implementation of Elliptic-Curve Digital Signatures.

Note

You’re most likely looking for the keys module. This is a low-level implementation of ECDSA that operates on integers, not byte strings.

NOTE: This is a low-level implementation of ECDSA; for normal applications you should be looking at the keys.py module.

Classes and methods for elliptic-curve signatures: private keys, public keys, signatures, and definitions of prime-modulus curves.

Example:

# (In real-life applications, you would probably want to
# protect against defects in SystemRandom.)
from random import SystemRandom
from ecdsa.ecdsa import generator_192, Public_key, Private_key

randrange = SystemRandom().randrange

# Generate a public/private key pair using the NIST Curve P-192:

g = generator_192
n = g.order()
secret = randrange(1, n)
pubkey = Public_key(g, g * secret)
privkey = Private_key(pubkey, secret)

# Signing a hash value (a random integer stands in for a real digest):

hash = randrange(1, n)
signature = privkey.sign(hash, randrange(1, n))

# Verifying a signature for a hash value:

if pubkey.verifies(hash, signature):
    print("Demo verification succeeded.")
else:
    print("*** Demo verification failed.")

# Verification fails if the hash value is modified:

if pubkey.verifies(hash - 1, signature):
    print("**** Demo verification failed to reject tampered hash.")
else:
    print("Demo verification correctly rejected tampered hash.")

Revision history:

2005.12.31 - Initial version.

2008.11.25 - Substantial revisions introducing new classes.

2009.05.16 - Warn against using random.randrange in real applications.

2009.05.17 - Use random.SystemRandom by default.

Originally written in 2005 by Peter Pearson and placed in the public domain, modified as part of the python-ecdsa package.

exception ecdsa.ecdsa.InvalidPointError

Bases: RuntimeError

add_note()

Exception.add_note(note) – add a note to the exception

args

with_traceback()

Exception.with_traceback(tb) – set self.__traceback__ to tb and return self.

class ecdsa.ecdsa.Private_key(public_key, secret_multiplier)

Bases: object

Private key for ECDSA.

sign(hash, random_k)

Return a signature for the provided hash, using the provided random nonce. It is absolutely vital that random_k be an unpredictable number in the range [1, self.public_key.point.order()-1]. If an attacker can guess random_k, he can compute our private key from a single signature. Also, if an attacker knows a few high-order bits (or a few low-order bits) of random_k, he can compute our private key from many signatures. The generation of nonces with adequate cryptographic strength is very difficult and far beyond the scope of this comment.

May raise RuntimeError, in which case retrying with a new random value k is in order.
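
An added example (not part of python-ecdsa or of this page's original code): one way to supply random_k without relying on the quality of a random number generator is the deterministic derivation of RFC 6979, implemented here with the standard library only. The names rfc6979_nonces and first_nonce are hypothetical, and the sample key and order are the P-256 test vector from RFC 6979 appendix A.2.5.

```python
import hashlib
import hmac

def rfc6979_nonces(order, secret, digest, hashfunc=hashlib.sha256):
    """Yield RFC 6979 nonce candidates k in [1, order-1] (hypothetical helper).

    order: generator order n; secret: private scalar; digest: H(message) bytes.
    """
    qlen = order.bit_length()
    rolen = (qlen + 7) // 8           # octets needed to hold a scalar
    hlen = hashfunc().digest_size

    def bits2int(data):
        # Keep the leftmost qlen bits (RFC 6979 section 2.3.2).
        excess = len(data) * 8 - qlen
        value = int.from_bytes(data, "big")
        return value >> excess if excess > 0 else value

    def mac(key, msg):
        return hmac.new(key, msg, hashfunc).digest()

    # int2octets(secret) || bits2octets(digest)
    seed = secret.to_bytes(rolen, "big")
    seed += (bits2int(digest) % order).to_bytes(rolen, "big")
    v, key = b"\x01" * hlen, b"\x00" * hlen
    key = mac(key, v + b"\x00" + seed)
    v = mac(key, v)
    key = mac(key, v + b"\x01" + seed)
    v = mac(key, v)
    while True:
        t = b""
        while len(t) < rolen:
            v = mac(key, v)
            t += v
        k = bits2int(t)
        if 1 <= k < order:
            yield k                   # caller asks again only if k was unusable
        key = mac(key, v + b"\x00")   # re-key before the next candidate
        v = mac(key, v)

# Sample input: P-256 test vector from RFC 6979 appendix A.2.5, message "sample".
Q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
X = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721

def first_nonce(message):
    digest = hashlib.sha256(message).digest()
    return next(rfc6979_nonces(Q, X, digest))

if __name__ == "__main__":
    print(hex(first_nonce(b"sample")))
```

The yielded value is what would be passed as random_k to sign(); if sign() raises RuntimeError, take the next value from the same generator rather than reusing the previous one.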

class ecdsa.ecdsa.Public_key(generator, point, verify=True)

Bases: object

Public key for ECDSA.

verifies(hash, signature)

Verify that signature is a valid signature of hash. Return True if the signature is valid.

exception ecdsa.ecdsa.RSZeroError

Bases: RuntimeError

add_note()

Exception.add_note(note) – add a note to the exception

args

with_traceback()

Exception.with_traceback(tb) – set self.__traceback__ to tb and return self.

class ecdsa.ecdsa.Signature(r, s)

Bases: object

ECDSA signature.

Variables:
  • r (int) – the r element of the ECDSA signature

  • s (int) – the s element of the ECDSA signature

recover_public_keys(hash, generator)

Returns two public keys for which the signature is valid.

Parameters:
  • hash (int) – signed hash

  • generator (AbstractPoint) – is the generator used in creation of the signature

Return type:

tuple(Public_key, Public_key)

Returns:

a pair of public keys that can validate the signature

ecdsa.ecdsa.digest_integer(m)

Convert an integer into a string of bytes, compute its SHA-1 hash, and convert the result to an integer.

ecdsa.ecdsa.int2byte()

S.pack(v1, v2, …) -> bytes

Return a bytes object containing values v1, v2, … packed according to the format string S.format. See help(struct) for more on format strings.

ecdsa.ecdsa.int_to_string(x)

Convert integer x into a string of bytes, as per X9.62.

ecdsa.ecdsa.point_is_valid(generator, x, y)

Is (x,y) a valid public key based on the specified generator?

ecdsa.ecdsa.string_to_int(s)

Convert a string of bytes into an integer, as per X9.62.