Elliptic Curve Cryptography¶
This module offer cryptographic primitives based on Elliptic Curves. In particular it provides key generation and validation, signing, and verifying, for the following curves:
secp256k1 (used by Bitcoin)
The module is based on MicroECC patched with functions to enable public key recovery (mainly for blockchain applications).
The module defines the following constants defining curves:
Return a tuple of two elements. The first element is a byte object containing the uncompressed representation of the generated public key. The second element is a byte object containing the representation of the generated public key.
curve specifies the curve to use
This function uses the random number generator provided by the VM. For real world usage and enhanced security the random number generator must be of cryptographic quality (generally implemented in hardware).
pbkey (in uncompressed format) is a valid public key for
Return a byte object containing the uncompressed representation of the public key matching
pvkey for curve
ValueError if derivation is not possible.
Return a compressed representation of
Return a uncompressed representation of
verify(curve, message, signature, pbkey)
signature is a valid signature for message
curve and a public key
sign(curve, message, pvkey, deterministic = False, recoverable = False)
Return the signature of
pvkey for curve
curve. Usually the message to sign is not the entire message but a hash of it. The
deterministic parameter, if given, creates a deterministic signature according to RFC6979 . If given, the
deterministic parameter must be an instance of a hash class from module
crypto.hash. Deterministic signatures are not dependent on a good random number generator for their security and can therefore be used in hardware without such capabilities. If
recoverable is given and True, the returned object is a tuple such that the first element is the recovery id and the second element is the signature. The recovery id is a parameter that can be used to derive the public key from a just a valid signature. For more info refer to this paper.