ecdsa.util module
This module includes some utility functions.
The methods most typically used are the sigencode and sigdecode functions
to be used with sign()
and
verify()
respectively. See the sigencode_strings()
, sigdecode_string()
,
sigencode_der()
, sigencode_strings_canonize()
,
sigencode_string_canonize()
, sigencode_der_canonize()
,
sigdecode_strings()
, sigdecode_string()
, and
sigdecode_der()
functions.
- exception ecdsa.util.MalformedSignature[source]
Bases:
Exception
Raised by decoding functions when the signature is malformed.
Malformed in this context means that the relevant strings or integers do not match what a signature over provided curve would create. Either because the byte strings have incorrect lengths or because the encoded values are too large.
- add_note()
Exception.add_note(note) – add a note to the exception
- args
- with_traceback()
Exception.with_traceback(tb) – set self.__traceback__ to tb and return self.
- ecdsa.util.int2byte()
S.pack(v1, v2, …) -> bytes
Return a bytes object containing values v1, v2, … packed according to the format string S.format. See help(struct) for more on format strings.
- ecdsa.util.randrange(order, entropy=None)[source]
Return a random integer k such that 1 <= k < order, uniformly distributed across that range. Worst case should be a mean of 2 loops at (2**k)+2.
Note that this function is not declared to be forwards-compatible: we may change the behavior in future releases. The entropy= argument (which should get a callable that behaves like os.urandom) can be used to achieve stability within a given release (for repeatable unit tests), but should not be used as a long-term-compatible key generation algorithm.
- ecdsa.util.randrange_from_seed__truncate_bits(seed, order, hashmod=<built-in function openssl_sha256>)[source]
- ecdsa.util.randrange_from_seed__truncate_bytes(seed, order, hashmod=<built-in function openssl_sha256>)[source]
- ecdsa.util.sigdecode_der(sig_der, order)[source]
Decoder for DER format of ECDSA signatures.
DER format of signature is one that uses the ASN.1 DER rules to encode it as a sequence of two integers:
Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }
It’s expected that this function will be used as as the
sigdecode=
parameter to theecdsa.keys.VerifyingKey.verify()
method.- Parameters:
sig_der (bytes like object) – encoded signature
order (int) – order of the curve over which the signature was computed
- Raises:
UnexpectedDER – when the encoding of signature is invalid
- Returns:
tuple with decoded
r
ands
values of signature- Return type:
tuple of ints
- ecdsa.util.sigdecode_string(signature, order)[source]
Decoder for raw encoding of ECDSA signatures.
raw encoding is a simple concatenation of the two integers that comprise the signature, with each encoded using the same amount of bytes depending on curve size/order.
It’s expected that this function will be used as the
sigdecode=
parameter to theecdsa.keys.VerifyingKey.verify()
method.- Parameters:
signature (bytes like object) – encoded signature
order (int) – order of the curve over which the signature was computed
- Raises:
MalformedSignature – when the encoding of the signature is invalid
- Returns:
tuple with decoded
r
ands
values of signature- Return type:
tuple of ints
- ecdsa.util.sigdecode_strings(rs_strings, order)[source]
Decode the signature from two strings.
First string needs to be a big endian encoding of
r
, second needs to be a big endian encoding of thes
parameter of an ECDSA signature.It’s expected that this function will be used as the
sigdecode=
parameter to theecdsa.keys.VerifyingKey.verify()
method.- Parameters:
- Raises:
MalformedSignature – when the encoding of the signature is invalid
- Returns:
tuple with decoded
r
ands
values of signature- Return type:
tuple of ints
- ecdsa.util.sigencode_der(r, s, order)[source]
Encode the signature into the ECDSA-Sig-Value structure using DER.
Encodes the signature to the following ASN.1 structure:
Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }
It’s expected that this function will be used as a
sigencode=
parameter inecdsa.keys.SigningKey.sign()
method.
- ecdsa.util.sigencode_der_canonize(r, s, order)[source]
Encode the signature into the ECDSA-Sig-Value structure using DER.
Makes sure that the signature is encoded in the canonical format, where the
s
parameter is always smaller thanorder / 2
. Most commonly used in bitcoin.Encodes the signature to the following ASN.1 structure:
Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }
It’s expected that this function will be used as a
sigencode=
parameter inecdsa.keys.SigningKey.sign()
method.
- ecdsa.util.sigencode_string(r, s, order)[source]
Encode the signature to raw format (raw encoding)
It’s expected that this function will be used as a
sigencode=
parameter inecdsa.keys.SigningKey.sign()
method.
- ecdsa.util.sigencode_string_canonize(r, s, order)[source]
Encode the signature to raw format (raw encoding)
Makes sure that the signature is encoded in the canonical format, where the
s
parameter is always smaller thanorder / 2
. Most commonly used in bitcoin.It’s expected that this function will be used as a
sigencode=
parameter inecdsa.keys.SigningKey.sign()
method.
- ecdsa.util.sigencode_strings(r, s, order)[source]
Encode the signature to a pair of strings in a tuple
Encodes signature into raw encoding (raw encoding) with the
r
ands
parts of the signature encoded separately.It’s expected that this function will be used as a
sigencode=
parameter inecdsa.keys.SigningKey.sign()
method.
- ecdsa.util.sigencode_strings_canonize(r, s, order)[source]
Encode the signature to a pair of strings in a tuple
Encodes signature into raw encoding (raw encoding) with the
r
ands
parts of the signature encoded separately.Makes sure that the signature is encoded in the canonical format, where the
s
parameter is always smaller thanorder / 2
. Most commonly used in bitcoin.It’s expected that this function will be used as a
sigencode=
parameter inecdsa.keys.SigningKey.sign()
method.