def sign(self, data, hashAlgorithm):
"""Returns a hexified bit string representing a
signature by this key over the specified data.
Intended for use with pyasn1.type.univ.BitString"""
# There is some non-determinism in ECDSA signatures. Work around
# this by patching ecc.ecdsa.urandom to not be random.
with mock.patch('ecc.ecdsa.urandom', side_effect=notRandom):
# For some reason Key.sign returns an encoded point.
# Decode it so we can encode it as a BITSTRING consisting
# of a SEQUENCE of two INTEGERs.
# Also patch in secp256k1 if applicable.
if self.keyOID == secp256k1:
with mock.patch('ecc.curves.DOMAINS', {256: secp256k1Params}):
x, y = encoding.dec_point(self.key.sign(data, hashAlgorithm.split(':')[-1]))
else:
x, y = encoding.dec_point(self.key.sign(data, hashAlgorithm.split(':')[-1]))
point = ECPoint()
point['x'] = x
point['y'] = y
return byteStringToHexifiedBitString(encoder.encode(point))
def sign(self, data, hashAlgorithmName):
"""Returns a hexified bit string representing a
signature by this key over the specified data.
Intended for use with pyasn1.type.univ.BitString"""
# There is some non-determinism in ECDSA signatures. Work around
# this by patching ecc.ecdsa.urandom to not be random.
with mock.patch('ecc.ecdsa.urandom', side_effect=notRandom):
# For some reason Key.sign returns an encoded point.
# Decode it so we can encode it as a BITSTRING consisting
# of a SEQUENCE of two INTEGERs.
# Also patch in secp256k1 if applicable.
if self.keyOID == secp256k1:
with mock.patch('ecc.curves.DOMAINS', {256: secp256k1Params}):
x, y = encoding.dec_point(self.key.sign(data, hashAlgorithmName))
else:
x, y = encoding.dec_point(self.key.sign(data, hashAlgorithmName))
point = ECPoint()
point.setComponentByName('x', x)
point.setComponentByName('y', y)
return byteStringToHexifiedBitString(encoder.encode(point))
def sign(self, data, hashAlgorithm):
"""Returns a hexified bit string representing a
signature by this key over the specified data.
Intended for use with pyasn1.type.univ.BitString"""
# ecc.Key.sign returns an encoded point, which is useful in some
# situations. However, for signatures on X509 certificates, we
# need to decode it so we can encode it as a BITSTRING
# consisting of a SEQUENCE of two INTEGERs.
x, y = encoding.dec_point(self.signRaw(data, hashAlgorithm))
point = ECPoint()
point['x'] = x
point['y'] = y
return byteStringToHexifiedBitString(encoder.encode(point))
def sign(self, data, hashAlgorithm):
"""Returns a hexified bit string representing a
signature by this key over the specified data.
Intended for use with pyasn1.type.univ.BitString"""
# ecc.Key.sign returns an encoded point, which is useful in some
# situations. However, for signatures on X509 certificates, we
# need to decode it so we can encode it as a BITSTRING
# consisting of a SEQUENCE of two INTEGERs.
x, y = encoding.dec_point(self.signRaw(data, hashAlgorithm))
point = ECPoint()
point['x'] = x
point['y'] = y
return byteStringToHexifiedBitString(encoder.encode(point))
def sign(self, data, digest):
"""Returns a hexified bit string representing a
signature by this key over the specified data.
Intended for use with pyasn1.type.univ.BitString"""
# This should really only be used with SHA-256
if digest != "SHA-256":
raise ParameterError(digest)
# There is some non-determinism in ECDSA signatures. Work around
# this by patching ecc.ecdsa.urandom to not be random.
with mock.patch('ecc.ecdsa.urandom', side_effect=notRandom):
# For some reason Key.sign returns an encoded point.
# Decode it so we can encode it as a BITSTRING consisting
# of a SEQUENCE of two INTEGERs.
# Also patch in secp256k1 if applicable.
if self.keyOID == secp256k1:
with mock.patch('ecc.curves.DOMAINS', {256: secp256k1Params}):
x, y = encoding.dec_point(self.key.sign(data, 'sha256'))
else:
x, y = encoding.dec_point(self.key.sign(data, 'sha256'))
point = ECPoint()
point.setComponentByName('x', x)
point.setComponentByName('y', y)
return byteStringToHexifiedBitString(encoder.encode(point))
