ECDSA backend

author: Alex Stapleton <alexs@prol.etari.at> 2014-05-17 13:19:15 +0100
committer: Alex Stapleton <alexs@prol.etari.at> 2014-06-07 19:04:27 +0100
commit: e47bafb9b620b557aeb48fce4734a568d6dc0b38 (patch)
tree: 6fe6155fca2d6943f7615ea391e43538d6394c38 /docs
parent: ddadf40234e97cd5b7e5f7b3a3a03d38900cb291 (diff)
download: cryptography-e47bafb9b620b557aeb48fce4734a568d6dc0b38.tar.gz
cryptography-e47bafb9b620b557aeb48fce4734a568d6dc0b38.tar.bz2
cryptography-e47bafb9b620b557aeb48fce4734a568d6dc0b38.zip
3 files changed, 182 insertions, 6 deletions
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst
index f88b965a..798fbab1 100644
--- a/docs/hazmat/primitives/asymmetric/ec.rst
+++ b/docs/hazmat/primitives/asymmetric/ec.rst
@@ -1,11 +1,30 @@
 .. hazmat::
 
-Elliptic Curve
-==============
+Elliptic Curve Cryptography
+===========================
 
 .. currentmodule:: cryptography.hazmat.primitives.asymmetric.ec
 
 
+,, method:: generate_private_key(curve, backend):
+
+    .. versionadded:: 0.5
+
+    Generate a new private key on ``curve`` for use with ``backend``.
+
+    :param backend: A
+        :class:`~cryptography.hazmat.primtives.interfaces.EllipticCurve`
+        provider.
+
+    :param backend: A
+        :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`
+        provider.
+
+    :returns: A new instance of a
+        :class:`~cryptography.hazmat.primtivies.interfaces.EllipticCurvePrivateKey`
+        provider.
+
+
 .. class:: EllipticCurvePrivateNumbers(private_value, public_numbers)
 
     .. versionadded:: 0.5
@@ -25,6 +44,19 @@ Elliptic Curve
 
         The private value.
 
+    .. method:: private_key(backend)
+
+        Convert a collection of numbers into a private key suitable for doing
+        actual cryptographic operations.
+
+        :param backend: A
+            :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`
+            provider.
+
+        :returns: A new instance of a
+            :class:`~cryptography.hazmat.primtivies.interfaces.EllipticCurvePrivateKey`
+            provider.
+
 
 .. class:: EllipticCurvePublicNumbers(x, y, curve)
 
@@ -49,3 +81,149 @@ Elliptic Curve
         :type: int
 
         The affine y component of the public point used for verifying.
+
+    .. method:: public_key(backend)
+
+        Convert a collection of numbers into a public key suitable for doing
+        actual cryptographic operations.
+
+        :param backend: A
+            :class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`
+            provider.
+
+        :returns: A new instance of a
+            :class:`~cryptography.hazmat.primtivies.interfaces.EllipticCurvePublicKey`
+            provider.
+
+
+Elliptic Curve Signature Algorithms
+-----------------------------------
+
+.. class:: ECDSA(algorithm)
+    .. versionadded:: 0.5
+
+    The ECDSA signature algorithm first standardized in NIST publication
+    `FIPS 186-3`_, and later in `FIPS 186-4`_.
+
+    :param algorithm: An instance of a
+        :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        provider.
+
+    .. code-block:: pycon
+
+        >>> from cryptography.hazmat.backends import default_backend
+        >>> from cryptography.hazmat.primitives import hashes
+        >>> from cryptography.hazmat.primitives.asymmetric import ec
+        >>> private_key = ec.generate_private_key(
+        ...     ec.SECT283K1(), default_backend()
+        ... )
+        >>> signer = private_key.signer(ec.ECDSA(hashes.SHA256()))
+        >>> signer.update(b"this is some data I'd like")
+        >>> signer.update(b" to sign")
+        >>> signature = signer.finalize()
+
+Elliptic Curves
+---------------
+
+All named curves are providers of
+:class:`~cryptography.hazmat.primtives.interfaces.EllipticCurve`.
+
+There is `some concern`_ that the non-Koblitz NIST curves (identified by names
+that start with "B" or "P") may have been intentionally weakened by their
+generation process.
+
+
+.. class:: SECT571K1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect571k1``. Also called NIST K-571.
+
+
+.. class:: SECT409K1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect409k1``. Also called NIST K-409.
+
+
+.. class:: SECT283K1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect283k1``. Also called NIST K-283.
+
+
+.. class:: SECT233K1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect233k1``. Also called NIST K-233.
+
+
+.. class:: SECT163K1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect163k1``. Also called NIST K-163.
+
+
+.. class:: SECT571R1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect571r1``. Also called NIST B-571.
+
+
+.. class:: SECT409R1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect409r1``. Also called NIST B-409.
+
+
+.. class:: SECT283R1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect283r1``. Also called NIST B-283.
+
+
+.. class:: SECT233R1
+    .. versionadded:: 0.5
+
+    SECG curve ``sect233r1``. Also called NIST B-233.
+
+
+.. class:: SECT163R2
+    .. versionadded:: 0.5
+
+    SECG curve ``sect163r2``. Also called NIST B-163.
+
+
+.. class:: SECP521R1
+    .. versionadded:: 0.5
+
+    SECG curve ``secp521r1``. Also called NIST P-521.
+
+
+.. class:: SECP384R1
+    .. versionadded:: 0.5
+
+    SECG curve ``secp384r1``. Also called NIST P-384.
+
+
+.. class:: SECP256R1
+    .. versionadded:: 0.5
+
+    SECG curve ``secp256r1``. Also called NIST P-256.
+
+
+.. class:: SECT224R1
+    .. versionadded:: 0.5
+
+    SECG curve ``secp224r1``. Also called NIST P-224.
+
+
+.. class:: SECP192R1
+    .. versionadded:: 0.5
+
+    SECG curve ``secp192r1``. Also called NIST P-192.
+
+
+
+.. _`FIPS 186-3`: http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
+.. _`FIPS 186-4`: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
+.. _`some concern`: https://crypto.stackexchange.com/questions/10263/should-we-trust-the-nist-recommended-ecc-parameters
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index 34e4e938..d5ca59ab 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -411,7 +411,6 @@ Asymmetric interfaces
     `EdDSA`_.
 
     .. classmethod:: signer(signature_algorithm)
-
         Sign data which can be verified later by others using the public key.
 
         :param signature_algorithm: An instance of a
@@ -421,7 +420,6 @@ Asymmetric interfaces
         :returns:
             :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
 
-    .. attribute:: curve
 
         :type: :class:`~cryptography.hazmat.primitives.interfaces.EllipticCurve`
 
@@ -440,8 +438,7 @@ Asymmetric interfaces
 
     An elliptic curve public key.
 
-    .. classmethod:: verifier(signer, signature_algorithm)
-
+    .. classmethod:: verifier(signature, signature_algorithm)
         Verify data was signed by the private key associated with this public
         key.
 
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index 9baf0822..d5a2bee3 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -27,6 +27,7 @@ interoperable
 introspectability
 invariants
 iOS
+Koblitz
 metadata
 pickleable
 plaintext
author	Alex Stapleton <alexs@prol.etari.at>	2014-05-17 13:19:15 +0100
committer	Alex Stapleton <alexs@prol.etari.at>	2014-06-07 19:04:27 +0100
commit	e47bafb9b620b557aeb48fce4734a568d6dc0b38 (patch)
tree	6fe6155fca2d6943f7615ea391e43538d6394c38 /docs
parent	ddadf40234e97cd5b7e5f7b3a3a03d38900cb291 (diff)
download	cryptography-e47bafb9b620b557aeb48fce4734a568d6dc0b38.tar.gz cryptography-e47bafb9b620b557aeb48fce4734a568d6dc0b38.tar.bz2 cryptography-e47bafb9b620b557aeb48fce4734a568d6dc0b38.zip