def setUp(self):
self.cv = []
self.cv.append(ECurve('secp256k1'))
self.cv.append(ECurve('secp256r1'))
self.cv.append(ECurve('E-222'))
self.cv.append(ECurve('M-221'))
self.cv.append(ECurve('Ed25519'))
def test_named(self):
cvws = ECurve('secp112r1')
self.assertIsNotNone(cvws)
cved = ECurve('E-222')
self.assertIsNotNone(cved)
cvmo = ECurve('M-221')
self.assertIsNotNone(cvmo)
cvte = ECurve('Ed25519')
self.assertIsNotNone(cvte)
with self.assertRaises(ValueError):
cvne = ECurve('thisdoesnotexist')
def _der_decode_curve(decoder):
# curve description
ensure_tag(decoder, asn1.Numbers.Sequence)
decoder.enter()
# field order
ensure_tag(decoder, asn1.Numbers.OctetString)
_, p = decoder.read()
p = _bebytes_to_int(p)
# curve type (enum)
ensure_tag(decoder, asn1.Numbers.Enumerated)
_, ctype = decoder.read()
# curve equation coefficients
ensure_tag(decoder, asn1.Numbers.Sequence)
decoder.enter()
ensure_tag(decoder, asn1.Numbers.OctetString)
_, cp0 = decoder.read()
cp0 = _bebytes_to_int(cp0)
ensure_tag(decoder, asn1.Numbers.OctetString)
_, cp1 = decoder.read()
cp1 = _bebytes_to_int(cp1)
decoder.leave()
# curve order
ensure_tag(decoder, asn1.Numbers.OctetString)
_, n = decoder.read()
n = _bebytes_to_int(n)
# curve cofactor
ensure_tag(decoder, asn1.Numbers.OctetString)
_, h = decoder.read()
h = _bebytes_to_int(h)
# generator point
ensure_tag(decoder, asn1.Numbers.Sequence)
decoder.enter()
ensure_tag(decoder, asn1.Numbers.OctetString)
_, gx = decoder.read()
gx = _bebytes_to_int(gx)
ensure_tag(decoder, asn1.Numbers.OctetString)
_, gy = decoder.read()
gy = _bebytes_to_int(gy)
decoder.leave()
# curve field bitsize
ensure_tag(decoder, asn1.Numbers.Integer)
_, bits = decoder.read()
decoder.leave()
if ctype == 2:
curve = ECurve.ShortWeierstrass(p, cp0, cp1, n, h, gx, gy, bits)
elif ctype == 3:
curve = ECurve.Edwards(p, cp0, cp1, n, h, gx, gy, bits)
elif ctype == 4:
curve = ECurve.Montgomery(p, cp0, cp1, n, h, gx, gy, bits)
elif ctype == 5:
curve = ECurve.TwistedEdwards(p, cp0, cp1, n, h, gx, gy, bits)
else:
raise ValueError('Unknown Curve Type')
return curve
def setUp(self):
self.cv = []
self.cv.append(ECurve('secp256k1'))
self.cv.append(ECurve('secp256r1'))
self.cv.append(ECurve('E-222'))
self.cv.append(ECurve('M-221'))
self.cv.append(ECurve('Ed25519'))
self.hm = []
self.hm.append(SHA256)
self.hm.append(SHA384)
self.hm.append(SHA512)
def test_getattr(self):
curves = ECurve._CurveNames()
for c in curves:
cva = ECurve(c)
p = cva.p
n = cva.n
h = cva.h
G = cva.G
bits = cva.bits
ctype = cva.ctype
if ctype == 'ShortWeierstrass':
a = cva.a
b = cva.b
cvb = ECurve.ShortWeierstrass(p, a, b, n, h, G[0], G[1], bits)
elif ctype == 'Edwards':
c = cva.c
d = cva.d
cvb = ECurve.Edwards(p, c, d, n, h, G[0], G[1], bits)
elif ctype == 'Montgomery':
B = cva.B
A = cva.A
cvb = ECurve.Montgomery(p, B, A, n, h, G[0], G[1], bits)
else:
self.assertEqual(ctype, "TwistedEdwards")
a = cva.a
d = cva.d
cvb = ECurve.TwistedEdwards(p, a, d, n, h, G[0], G[1], bits)
self.assertEqual(cva, cvb)
def test_parameters(self):
cvws1 = ECurve('secp112r1')
self.assertIsNotNone(cvws1)
cvws2 = ECurve.ShortWeierstrass(0xDB7C2ABF62E35E668076BEAD208B,
0xDB7C2ABF62E35E668076BEAD2088,
0x659EF8BA043916EEDE8911702B22,
0xDB7C2ABF62E35E7628DFAC6561C5, 1,
0x09487239995A5EE76B55F9C2F098,
0xA89CE5AF8724C0A23E0E0FF77500, 112)
self.assertIsNotNone(cvws2)
self.assertEqual(cvws1, cvws2)
#
cved1 = ECurve('E-222')
self.assertIsNotNone(cved1)
cved2 = ECurve.Edwards(
0x3fffffffffffffffffffffffffffffffffffffffffffffffffffff8b, 1,
160102, 0xffffffffffffffffffffffffffff70cbc95e932f802f31423598cbf,
4, 0x19b12bb156a389e55c9768c303316d07c23adab3736eb2bc3eb54e51,
0x1c, 222)
self.assertIsNotNone(cved2)
self.assertEqual(cved1, cved2)
#
cvmo1 = ECurve('M-221')
self.assertIsNotNone(cvmo1)
cvmo2 = ECurve.Montgomery(
0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffd, 1,
117050, 0x40000000000000000000000000015a08ed730e8a2f77f005042605b,
8, 0x4, 0xf7acdd2a4939571d1cef14eca37c228e61dbff10707dc6c08c5056d,
221)
self.assertIsNotNone(cvmo2)
self.assertEqual(cvmo1, cvmo2)
#
cvte1 = ECurve('Ed25519')
self.assertIsNotNone(cvte1)
cvte2 = ECurve.TwistedEdwards(
0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED,
0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEC,
0x52036CEE2B6FFE738CC740797779E89800700A4D4141D8AB75EB4DCA135978A3,
0x1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED,
8,
0x216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A,
0x6666666666666666666666666666666666666666666666666666666666666658,
255)
self.assertIsNotNone(cvte2)
self.assertEqual(cvte1, cvte2)
def test_point_check(self):
cvws = ECurve('secp112r1')
self.assertIsNotNone(cvws)
status = cvws.PointIsValid(0x09487239995A5EE76B55F9C2F098,
0xA89CE5AF8724C0A23E0E0FF77500)
self.assertEqual(status, True)
status = cvws.PointIsValid(0x09487239995A5EE76B55F9C2F098, 0)
self.assertEqual(status, False)
#
cved = ECurve('E-222')
self.assertIsNotNone(cved)
status = cved.PointIsValid(
0x19b12bb156a389e55c9768c303316d07c23adab3736eb2bc3eb54e51, 0x1c)
self.assertEqual(status, True)
status = cved.PointIsValid(
0x19b12bb156a389e55c9768c303316d07c23adab3736eb2bc3eb54e51, 0)
self.assertEqual(status, False)
#
cvmo = ECurve('M-221')
self.assertIsNotNone(cvmo)
status = cvmo.PointIsValid(
0x4, 0xf7acdd2a4939571d1cef14eca37c228e61dbff10707dc6c08c5056d)
self.assertEqual(status, True)
status = cvmo.PointIsValid(0x4, 0)
self.assertEqual(status, False)
#
cvte = ECurve('Ed25519')
self.assertIsNotNone(cvte)
status = cvte.PointIsValid(
0x216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A,
0x6666666666666666666666666666666666666666666666666666666666666658)
self.assertEqual(status, True)
status = cvte.PointIsValid(
0x216936D3CD6E53FEC0A4E231FDD6DC5C692CC7609525A7B2C9562D608F25D51A,
0)
self.assertEqual(status, False)
a = 1
b = 0
gx = 2
gy = 53
bits = 9
p = 227
n = 19
h = 12
a = 1
b = 0
gx = 2
gy = 64
bits = 8
curve = ECurve.ShortWeierstrass(p, a, b, n, h, gx, gy, bits)
privkey = int(FieldElement.urandom(curve.p))
f_a = FieldElement(a, p)
f_b = FieldElement(b, p)
ECPt = []
for x in range(0, p):
# Weierstrass equation is y**2 = x**3 + ax + b
f_x = FieldElement(x, p)
f_y_2 = pow(f_x, 3) + (f_a * f_x) + b
f_y = f_y_2.sqrt()
if f_y is not None:
#print("pt(0x%X, 0x%X)" % (int(f_x), int(f_y)))
assert curve.PointIsValid(int(f_x), int(f_y))
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
from ECC import FieldElement, ECurve
from example_der import der_encode_privkey
from example_pem import pem_wrap
from argparse import ArgumentParser
import base64
import sys
desc = ('ecdh-gen generates a private key for elliptic curve cryptography '
'based on a specific curve. The private key value is simply a '
'random number ')
parser = ArgumentParser(description=desc)
parser.add_argument('-l', '--list_curves', action='store_true', help='list supported curves')
parser.add_argument('-c', '--curve', default='secp256k1', help='choose standard curve')
clargs = parser.parse_args()
if clargs.list_curves:
clist = ECurve._CurveNames()
for c in clist:
print(c)
sys.exit(0)
curve = ECurve(clargs.curve)
privkey = int(FieldElement.urandom(curve.p))
DERkey = der_encode_privkey(privkey, curve)
print(pem_wrap(DERkey, 'ECDH PRIVATE KEY'))
