Hi Pim, Answers inline.
On January 9, 2017 at 12:19:29 AM, Pim van der Eijk (Lists) ( li...@sonnenglanz.net) wrote: Hi, I am using cryptography to implement the KeyInfo part of W3C XML Signature and am looking to add support for EC keys. The following is part of an example structure I would like to be able to process: <ECKeyValue xmlns="http://www.w3.org/2009/xmldsig11#"; <http://www.w3.org/2009/xmldsig11#>> <NamedCurve URI="urn:oid:1.2.840.10045.3.1.7" /> <PublicKey> vWccUP6Jp3pcaMCGIcAh3YOev4gaa2ukOANC7Ufg Cf8KDO7AtTOsGJK7/TA8IC3vZoCy9I5oPjRhyTBulBnj7Y </PublicKey></ECKeyValue> I have two questions. First, according to W3C XML Signature (see https://www.w3.org/TR/xmldsig-core1/#sec-ECKeyValue) the content of PublicKey in ECKeyValue element is: *"**a Base64 encoding of a binary representation of the x and y coordinates of the point.* *Its value is computed as follows:* 1. *Convert the elliptic curve point (x,y) to an octet string by first converting the field elements x and y to octet strings as specified in Section 6.2 of* *https://www.rfc-editor.org/rfc/rfc6090.txt <https://www.rfc-editor.org/rfc/rfc6090.txt>**, and then prepend the concatenated result of the conversion with 0x04. Support for Elliptic-Curve-Point-to-Octet-String conversion without point compression is* *required**.* 2. *Base64 encode the octet string resulting from the conversion in Step 1."* RFC 6090 section 6.2 states: 6.2. Integer-to-Octet-String Conversion The integer x shall be converted to an octet string S of length k as follows. The string S shall satisfy k y = SUM 2^(8(k-i)) Si . i = 1 where S1, ..., Sk are the octets of S from first to last. In other words, the first octet of S has the most significance in the integer, and the last octet of S has the least significance. I am looking to implement this using cryptography. There is an encode_point() function in hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers which is documented to transform "an elliptic curve point to a byte string as described in SEC 1 v2.0 <http://www.secg.org/sec1-v2.pdf> section 2.3.3.". Is this the same encoding as under the quoted section of XML Signature, item (1) ? Yes, encode_point() returns the standard uncompressed form. Second question, the class asymmetric.ec.EllipticCurve has a "name" that is the symbolic name used for the ASN.1 OID For example, OID 1.3.132.0.34 has the name "secp384r1". W3C XML Signature apparently expects the OID encoded as a URN ( https://www.ietf.org/rfc/rfc3061.txt), i.e. something like "urn:oid:1.3.132.0.34". Is there a way in Python to get the OID value for a named curve, rather than its symbolic name? We don't currently encode OIDs as part of the EC classes, but you can file an issue and we can discuss adding them. For now you'll have to maintain your own mapping. Kind Regards, Pim -Paul (reaperhulk)
_______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
