ECC¶
ECC (Elliptic Curve Cryptography) is a modern and efficient type of public key cryptography. Its security is based on the difficulty to solve discrete logarithms on the field defined by specific equations computed over a curve.
ECC can be used to create digital signatures or encrypting data.
The main benefit of ECC is that the size of a key is significantly smaller than with more traditional algorithms like RSA or DSA.
For instance, consider the security level equivalent to AES128: an RSA key of similar strength must have a modulus of 3072 bits (therefore the total size is 768 bytes, comprising modulus and private exponent). An ECC private needs as little as 256 bits (32 bytes).
This module provides mechanisms for generating new ECC keys, exporting them using widely supported formats like PEM or DER and importing them back.
Note
This module currently supports only ECC keys defined over the standard NIST P256 curve (see FIPS 1864, Section D.1.2.3). More curves will be added in the future.
The following example demonstrates how to generate a new key, export it, and subsequentely reload it back into the application:
>>> from Crypto.PublicKey import ECC
>>>
>>> key = ECC.generate(curve='P256')
>>>
>>> f = open('myprivatekey.pem','wt')
>>> f.write(key.export_key('PEM'))
>>> f.close()
...
>>> f = open('myprivatekey.pem','rt')
>>> key = RSA.import_key(f.read())
The ECC key can be used to perform or verify ECDSA signatures, using the module
Crypto.Signature.DSS
.

class
Crypto.PublicKey.ECC.
EccKey
(**kwargs)¶ Class defining an ECC key. Do not instantiate directly. Use
generate()
,construct()
orimport_key()
instead.Variables:  curve (string) – The name of the ECC curve
 pointQ (
EccPoint
) – an ECC point representating the public component  q (integer) – A scalar representating the private component

export_key
(**kwargs)¶ Export this ECC key.
Parameters:  format (string) –
The format to use for wrapping the key:
 passphrase (byte string or string) – The passphrase to use for protecting the private key.
 use_pkcs8 (boolean) –
If
True
(default and recommended), the PKCS#8 representation will be used.If
False
, the much weaker and PEM encryption mechanism will be used.  protection (string) – When a private key is exported with passwordprotection
and PKCS#8 (both
DER
andPEM
formats), this parameter MUST be present and be a valid algorithm supported byCrypto.IO.PKCS8
. It is recommended to usePBKDF2WithHMACSHA1AndAES128CBC
.
Warning
If you don’t provide a passphrase, the private key will be exported in the clear!
Note
When exporting a private key with passwordprotection and PKCS#8 (both
DER
andPEM
formats), any extra parameters is passed toCrypto.IO.PKCS8
.Returns: A multiline string (for PEM and OpenSSH) or bytes (for DER) with the encoded key.  format (string) –

has_private
()¶ True
if this key can be used for making signatures or decrypting data.

class
Crypto.PublicKey.ECC.
EccPoint
(x, y)¶ A class to abstract a point over an Elliptic Curve.
Variables:  x (integer) – The Xcoordinate of the ECC point
 y (integer) – The Ycoordinate of the ECC point

Crypto.PublicKey.ECC.
construct
(**kwargs)¶ Build a new ECC key (private or public) starting from some base components.
Parameters:  curve (string) – Mandatory. It must be “P256”, “prime256v1” or “secp256r1”.
 d (integer) – Only for a private key. It must be in the range
[1..order1]
.  point_x (integer) – Mandatory for a public key. X coordinate (affine) of the ECC point.
 point_y (integer) – Mandatory for a public key. Y coordinate (affine) of the ECC point.
Returns: a new ECC key object
Return type:

Crypto.PublicKey.ECC.
generate
(**kwargs)¶ Generate a new private key on the given curve.
Parameters:  curve (string) – Mandatory. It must be “P256”, “prime256v1” or “secp256r1”.
 randfunc (callable) – Optional. The RNG to read randomness from.
If
None
,Crypto.Random.get_random_bytes()
is used.

Crypto.PublicKey.ECC.
import_key
(encoded, passphrase=None)¶ Import an ECC key (public or private).
Parameters:  encoded (bytes or multiline string) –
The ECC key to import.
An ECC public key can be:
 An X.509 certificate, binary (DER) or ASCII (PEM)
 An X.509
subjectPublicKeyInfo
, binary (DER) or ASCII (PEM)  An OpenSSH line (e.g. the content of
~/.ssh/id_ecdsa
, ASCII)
An ECC private key can be:
Private keys can be in the clear or passwordprotected.
 passphrase (byte string) – The passphrase to use for decrypting a private key. Encryption may be applied protected at the PEM level or at the PKCS#8 level. This parameter is ignored if the key in input is not encrypted.
Returns: a new ECC key object
Return type: Raises: ValueError
– when the given key cannot be parsed (possibly because the pass phrase is wrong). encoded (bytes or multiline string) –