本文整理汇总了Python中cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey方法的典型用法代码示例。如果您正苦于以下问题:Python ec.EllipticCurvePrivateKey方法的具体用法?Python ec.EllipticCurvePrivateKey怎么用?Python ec.EllipticCurvePrivateKey使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cryptography.hazmat.primitives.asymmetric.ec的用法示例。
在下文中一共展示了ec.EllipticCurvePrivateKey方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: type
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def type(self):
"""
Return the type of the object we wrap. Currently this can only be
'RSA', 'DSA', or 'EC'.
@rtype: L{str}
@raises RuntimeError: If the object type is unknown.
"""
if isinstance(
self._keyObject, (rsa.RSAPublicKey, rsa.RSAPrivateKey)):
return 'RSA'
elif isinstance(
self._keyObject, (dsa.DSAPublicKey, dsa.DSAPrivateKey)):
return 'DSA'
elif isinstance(
self._keyObject, (ec.EllipticCurvePublicKey, ec.EllipticCurvePrivateKey)):
return 'EC'
else:
raise RuntimeError(
'unknown type of object: %r' % (self._keyObject,)) 示例2: generate_valid_root_ca_cert_pem
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def generate_valid_root_ca_cert_pem(private_key):
"""
Helper to create and serialize root CA cert.
Args:
private_key (rsa.RSAPrivateKey, ec.EllipticCurvePrivateKey): Key that
should be used for signing the certificate.
Return:
PEM text representing serialized certificate.
"""
return serialize_cert_to_pem(
sign_cert_builder(
ca_cert_builder(
private_key.public_key(),
),
private_key
)
) 示例3: import_from_pyca
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def import_from_pyca(self, key):
if isinstance(key, rsa.RSAPrivateKey):
self._import_pyca_pri_rsa(key)
elif isinstance(key, rsa.RSAPublicKey):
self._import_pyca_pub_rsa(key)
elif isinstance(key, ec.EllipticCurvePrivateKey):
self._import_pyca_pri_ec(key)
elif isinstance(key, ec.EllipticCurvePublicKey):
self._import_pyca_pub_ec(key)
elif isinstance(key, (Ed25519PrivateKey, Ed448PrivateKey)):
self._import_pyca_pri_okp(key)
elif isinstance(key, (Ed25519PublicKey, Ed448PublicKey)):
self._import_pyca_pub_okp(key)
else:
raise InvalidJWKValue('Unknown key object %r' % key) 示例4: _derive
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def _derive(self, privkey, pubkey, alg, bitsize, headers):
# OtherInfo is defined in NIST SP 56A 5.8.1.2.1
# AlgorithmID
otherinfo = struct.pack('>I', len(alg))
otherinfo += bytes(alg.encode('utf8'))
# PartyUInfo
apu = base64url_decode(headers['apu']) if 'apu' in headers else b''
otherinfo += struct.pack('>I', len(apu))
otherinfo += apu
# PartyVInfo
apv = base64url_decode(headers['apv']) if 'apv' in headers else b''
otherinfo += struct.pack('>I', len(apv))
otherinfo += apv
# SuppPubInfo
otherinfo += struct.pack('>I', bitsize)
# no SuppPrivInfo
# Shared Key generation
if isinstance(privkey, ec.EllipticCurvePrivateKey):
shared_key = privkey.exchange(ec.ECDH(), pubkey)
else:
# X25519/X448
shared_key = privkey.exchange(pubkey)
ckdf = ConcatKDFHash(algorithm=hashes.SHA256(),
length=_inbytes(bitsize),
otherinfo=otherinfo,
backend=self.backend)
return ckdf.derive(shared_key) 示例5: test_from_string_pkcs1
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def test_from_string_pkcs1(self):
signer = es256.ES256Signer.from_string(PKCS1_KEY_BYTES)
assert isinstance(signer, es256.ES256Signer)
assert isinstance(signer._key, ec.EllipticCurvePrivateKey) 示例6: test_from_string_pkcs1_unicode
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def test_from_string_pkcs1_unicode(self):
key_bytes = _helpers.from_bytes(PKCS1_KEY_BYTES)
signer = es256.ES256Signer.from_string(key_bytes)
assert isinstance(signer, es256.ES256Signer)
assert isinstance(signer._key, ec.EllipticCurvePrivateKey) 示例7: test_from_service_account_info
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def test_from_service_account_info(self):
signer = es256.ES256Signer.from_service_account_info(SERVICE_ACCOUNT_INFO)
assert signer.key_id == SERVICE_ACCOUNT_INFO[base._JSON_FILE_PRIVATE_KEY_ID]
assert isinstance(signer._key, ec.EllipticCurvePrivateKey) 示例8: test_from_service_account_file
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def test_from_service_account_file(self):
signer = es256.ES256Signer.from_service_account_file(SERVICE_ACCOUNT_JSON_FILE)
assert signer.key_id == SERVICE_ACCOUNT_INFO[base._JSON_FILE_PRIVATE_KEY_ID]
assert isinstance(signer._key, ec.EllipticCurvePrivateKey) 示例9: test_ecc
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def test_ecc(self):
with self.assertSignal(pre_create_ca) as pre, self.assertSignal(post_create_ca) as post:
out, err = self.init_ca(
algorithm=hashes.SHA1(),
key_type='ECC',
key_size=1024,
expires=self.expires(720),
pathlen=3,
issuer_url='http://issuer.ca.example.com',
issuer_alt_name={'value': ['http://ian.ca.example.com']},
crl_url=['http://crl.example.com'],
ocsp_url='http://ocsp.example.com',
ca_issuer_url='http://ca.issuer.ca.example.com',
permit_name=['DNS:.com'],
exclude_name=['DNS:.net'],
)
self.assertTrue(pre.called)
self.assertEqual(out, '')
self.assertEqual(err, '')
ca = CertificateAuthority.objects.first()
self.assertPostCreateCa(post, ca)
self.assertIsInstance(ca.key(None), ec.EllipticCurvePrivateKey)
self.assertEqual(ca.name_constraints, NameConstraints({'value': {
'permitted': ['DNS:.com'],
'excluded': ['DNS:.net'],
}})) 示例10: test_key_pem
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def test_key_pem(enclave_keys_dir):
private_key = load_private_key(enclave_keys_dir / 'key.pem')
assert isinstance(private_key, ec.EllipticCurvePrivateKey)
assert private_key.key_size == 256
public_key = private_key.public_key()
assert isinstance(public_key.curve, ec.SECP256R1)
assert public_key.key_size == 256 示例11: generate_ec_private_key
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def generate_ec_private_key(curve=None):
"""
Generate EC private key.
Args:
curve (ec.EllipticCurve): EC if not provided SECP384R1 used.
Return:
ec.EllipticCurvePrivateKey
"""
curve = ec.SECP384R1() if curve is None else curve
return ec.generate_private_key(
curve=curve,
backend=cryptography_default_backend
) 示例12: serialize_key_to_pem
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def serialize_key_to_pem(key):
"""
Serialize private key to OpenSSL format with PEM encoding.
Args:
key (rsa.RSAPrivateKey, ec.EllipticCurvePrivateKey): Key to serialize
Returns:
PEM text representing serialized key.
"""
return key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
).decode('utf-8') 示例13: __init__
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def __init__(self, priv_key, algorithm):
"""Constructor for EcdsaSign.
Args:
priv_key: ec.EllipticCurvePrivateKey, the Ecdsa private key.
algorithm: string, Ecdsa algorithm as defined at
https://tools.ietf.org/html/rfc7518#section-3.1.
Raises:
TypeError: if the public key is not an instance of
ec.EllipticCurvePublicKey.
UnsupportedAlgorithm: if the algorithm is not supported.
"""
if not isinstance(priv_key, ec.EllipticCurvePrivateKey):
raise TypeError(
"The private key must be an instance of ec.EllipticCurvePrivateKey")
self.priv_key = priv_key
curve_name = ""
if algorithm == "ES256":
self.hash = hashes.SHA256()
curve_name = "secp256r1"
elif algorithm == "ES384":
self.hash = hashes.SHA384()
curve_name = "secp384r1"
elif algorithm == "ES512":
self.hash = hashes.SHA512()
curve_name = "secp521r1"
else:
raise exceptions.UnsupportedAlgorithm(
"Unknown algorithm : %s" % (algorithm))
# In Ecdsa, both the key and the algorithm define the curve. Therefore, we
# must cross check them to make sure they're the same.
if curve_name != priv_key.public_key().curve.name:
raise exceptions.UnsupportedAlgorithm(
"The curve in private key %s and in algorithm % don't match" %
(priv_key.public_key().curve.name, curve_name))
self.algorithm = algorithm 示例14: __init__
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def __init__(self, priv):
self.priv = priv # type: c_ec.EllipticCurvePrivateKey
self.publ = PubKey(self.priv.public_key()) 示例15: sign_data
# 需要导入模块: from cryptography.hazmat.primitives.asymmetric import ec [as 别名]
# 或者: from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey [as 别名]
def sign_data(self, data):
from OpenSSL import crypto
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import dsa, rsa
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import load_pem_private_key
private_key_str = self.get_private_key()
# The pyOpenSSL sign operation seems broken and corrupts memory, atleast for EC, so let's use
# the cryptography package instead
# try:
# private_key = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM,
# private_key_str, '')
# signature = OpenSSL.crypto.sign(private_key,
# data,
# "sha256")
# except Exception as err:
# _log.error("Failed to sign data, err={}".format(err))
# raise
try:
private_key = load_pem_private_key(private_key_str, password=None, backend=default_backend())
if isinstance(private_key, ec.EllipticCurvePrivateKey):
signature = private_key.sign(data, ec.ECDSA(hashes.SHA256()))
elif isinstance(private_key, rsa.RSAPrivateKey):
signature = sign_with_rsa_key(private_key, message)
elif isinstance(private_key, dsa.DSAPrivateKey):
signature = sign_with_dsa_key(private_key, message)
else:
raise TypeError
except Exception as err:
_log.error("Failed to sign data, err={}".format(err))
raise
return signature