# Author: Hubert Kario # See the LICENSE file for legal information regarding use of this file. """Abstract class for EdDSA.""" class EdDSAKey(object): """This is an abstract base class for EdDSA keys. Particular implementations of EdDSA keys, such as :py:class:`~.python_eddsakey.Python_EdDSAKey` ... more coming inherit from this. To create or parse an EdDSA key, don't use one of these classes directly. Instead, use the factory functions in :py:class:`~tlslite.utils.keyfactory`. """ def __len__(self): """Return the size of the order of the curve of this key, in bits. :rtype: int """ raise NotImplementedError() def hasPrivateKey(self): """Return whether or not this key has a private component. :rtype: bool """ raise NotImplementedError() def _hashAndSign(self, data): raise NotImplementedError() def _hashAndVerify(self, signature, data): raise NotImplementedError() def hashAndSign(self, data, rsaScheme=None, hAlg=None, sLen=None): """Hash and sign the passed-in bytes. This requires the key to have a private component. It performs a signature on the passed-in data with selected hash algorithm. :type bytes: bytes-like object :param bytes: The value which will be hashed and signed. :type rsaScheme: str :param rsaScheme: Ignored, present for API compatibility with RSA :type hAlg: str :param hAlg: Ignored, present for API compatibility with RSA/ECDSA :type sLen: int :param sLen: Ignored, present for API compatibility with RSA :rtype: bytearray :returns: An EdDSA signature on the passed-in data. """ return self._hashAndSign(data) def hashAndVerify(self, sig_bytes, data, rsaScheme=None, hAlg=None, sLen=None): """Hash and verify the passed-in bytes with the signature. This verifies an EdDSA signature on the passed-in data with the implicit hash algorithm. :type sigBytes: bytearray :param sigBytes: An EdDSA signature :type bytes: str or bytearray :param bytes: The value which will be hashed and verified. :type rsaScheme: str :param rsaScheme: Ignored, present for API compatibility with RSA :type hAlg: str :param hAlg: Ignored, present for API compatibility with RSA :type sLen: int :param sLen: Ignored, present for API compatibility with RSA :rtype: bool :returns: Whether the signature matches the passed-in data. """ return self._hashAndVerify(sig_bytes, data) @staticmethod def sign(self, bytes, padding=None, hashAlg="sha1", saltLen=None): """Sign the passed-in bytes. Note: this method is unsupported for EdDSA keys, as pre-hash signatures are unsupported. Use hashAndSign to perform the Pure EdDSA signature creation. :type bytes: bytearray :param bytes: Ignored :type padding: str :param padding: Ignored :type hashAlg: str :param hashAlg: Ignored :type saltLen: int :param saltLen: Ignored """ raise TypeError("Only Pure EdDSA signatures are supported, use " "hashAndSign() instead.") @staticmethod def verify(self, sigBytes, bytes, padding=None, hashAlg=None, saltLen=None): """Verify the passed-in bytes with the signature. Note: this method is unsupported for EdDSA keys, as pre-hash signatures are unsupported. Use hashAndVerify to perform the Pure EdDSA verification. :type sigBytes: bytearray :param sigBytes: Ignored :type bytes: bytearray :param bytes: Ignored :type padding: str :param padding: Ignored """ raise TypeError("Only Pure EdDSA signatures are supported, use " "hashAndVerify() instead.") def acceptsPassword(self): """Return True if the write() method accepts a password for use in encrypting the private key. :rtype: bool """ raise NotImplementedError() def write(self, password=None): """Return a string containing the key. :rtype: str :returns: A string describing the key, in whichever format (PEM) is native to the implementation. """ raise NotImplementedError() @staticmethod def generate(bits): """Generate a new key with the specified curve. :rtype: ~tlslite.utils.EdDSAKey.EdDSAKey """ raise NotImplementedError()