ecdsa.util module
This module includes some utility functions.
The methods most typically used are the sigencode and sigdecode functions
to be used with sign() and
verify()
respectively. See the sigencode_strings(), sigdecode_string(),
sigencode_der(), sigencode_strings_canonize(),
sigencode_string_canonize(), sigencode_der_canonize(),
sigdecode_strings(), sigdecode_string(), and
sigdecode_der() functions.
- exception ecdsa.util.MalformedSignature[source]
Bases:
ExceptionRaised by decoding functions when the signature is malformed.
Malformed in this context means that the relevant strings or integers do not match what a signature over provided curve would create. Either because the byte strings have incorrect lengths or because the encoded values are too large.
- add_note()
Exception.add_note(note) – add a note to the exception
- args
- with_traceback()
Exception.with_traceback(tb) – set self.__traceback__ to tb and return self.
- ecdsa.util.int2byte()
S.pack(v1, v2, …) -> bytes
Return a bytes object containing values v1, v2, … packed according to the format string S.format. See help(struct) for more on format strings.
- ecdsa.util.randrange(order, entropy=None)[source]
Return a random integer k such that 1 <= k < order, uniformly distributed across that range. Worst case should be a mean of 2 loops at (2**k)+2.
Note that this function is not declared to be forwards-compatible: we may change the behavior in future releases. The entropy= argument (which should get a callable that behaves like os.urandom) can be used to achieve stability within a given release (for repeatable unit tests), but should not be used as a long-term-compatible key generation algorithm.
- ecdsa.util.randrange_from_seed__truncate_bits(seed, order, hashmod=<built-in function openssl_sha256>)[source]
- ecdsa.util.randrange_from_seed__truncate_bytes(seed, order, hashmod=<built-in function openssl_sha256>)[source]
- ecdsa.util.sigdecode_der(sig_der, order)[source]
Decoder for DER format of ECDSA signatures.
DER format of signature is one that uses the ASN.1 DER rules to encode it as a sequence of two integers:
Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }
It’s expected that this function will be used as as the
sigdecode=parameter to theecdsa.keys.VerifyingKey.verify()method.- Parameters:
sig_der (bytes like object) – encoded signature
order (int) – order of the curve over which the signature was computed
- Raises:
UnexpectedDER – when the encoding of signature is invalid
- Returns:
tuple with decoded
randsvalues of signature- Return type:
tuple of ints
- ecdsa.util.sigdecode_string(signature, order)[source]
Decoder for raw encoding of ECDSA signatures.
raw encoding is a simple concatenation of the two integers that comprise the signature, with each encoded using the same amount of bytes depending on curve size/order.
It’s expected that this function will be used as the
sigdecode=parameter to theecdsa.keys.VerifyingKey.verify()method.- Parameters:
signature (bytes like object) – encoded signature
order (int) – order of the curve over which the signature was computed
- Raises:
MalformedSignature – when the encoding of the signature is invalid
- Returns:
tuple with decoded
randsvalues of signature- Return type:
tuple of ints
- ecdsa.util.sigdecode_strings(rs_strings, order)[source]
Decode the signature from two strings.
First string needs to be a big endian encoding of
r, second needs to be a big endian encoding of thesparameter of an ECDSA signature.It’s expected that this function will be used as the
sigdecode=parameter to theecdsa.keys.VerifyingKey.verify()method.- Parameters:
- Raises:
MalformedSignature – when the encoding of the signature is invalid
- Returns:
tuple with decoded
randsvalues of signature- Return type:
tuple of ints
- ecdsa.util.sigencode_der(r, s, order)[source]
Encode the signature into the ECDSA-Sig-Value structure using DER.
Encodes the signature to the following ASN.1 structure:
Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }
It’s expected that this function will be used as a
sigencode=parameter inecdsa.keys.SigningKey.sign()method.
- ecdsa.util.sigencode_der_canonize(r, s, order)[source]
Encode the signature into the ECDSA-Sig-Value structure using DER.
Makes sure that the signature is encoded in the canonical format, where the
sparameter is always smaller thanorder / 2. Most commonly used in bitcoin.Encodes the signature to the following ASN.1 structure:
Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }
It’s expected that this function will be used as a
sigencode=parameter inecdsa.keys.SigningKey.sign()method.
- ecdsa.util.sigencode_string(r, s, order)[source]
Encode the signature to raw format (raw encoding)
It’s expected that this function will be used as a
sigencode=parameter inecdsa.keys.SigningKey.sign()method.
- ecdsa.util.sigencode_string_canonize(r, s, order)[source]
Encode the signature to raw format (raw encoding)
Makes sure that the signature is encoded in the canonical format, where the
sparameter is always smaller thanorder / 2. Most commonly used in bitcoin.It’s expected that this function will be used as a
sigencode=parameter inecdsa.keys.SigningKey.sign()method.
- ecdsa.util.sigencode_strings(r, s, order)[source]
Encode the signature to a pair of strings in a tuple
Encodes signature into raw encoding (raw encoding) with the
randsparts of the signature encoded separately.It’s expected that this function will be used as a
sigencode=parameter inecdsa.keys.SigningKey.sign()method.
- ecdsa.util.sigencode_strings_canonize(r, s, order)[source]
Encode the signature to a pair of strings in a tuple
Encodes signature into raw encoding (raw encoding) with the
randsparts of the signature encoded separately.Makes sure that the signature is encoded in the canonical format, where the
sparameter is always smaller thanorder / 2. Most commonly used in bitcoin.It’s expected that this function will be used as a
sigencode=parameter inecdsa.keys.SigningKey.sign()method.