search

AntonKueltz / fastecdsa

Python library for fast elliptic curve crypto
https://pypi.python.org/pypi/fastecdsa
The Unlicense
264 stars 77 forks source link

-Add get curve by name #28

Closed sirk390 closed 5 years ago

AntonKueltz commented 5 years ago

You can actually do this by just inspecting the module itself. The OID lookup is there for ASN.1 purposes as we have to get the curve instance based on the OID encoding to properly create point objects.


from fastecdsa import curve

lookup = vars(curve)
P256 = lookup.get('P256')
sirk390 commented 5 years ago

It works but it would return any symbol from the curve module like 'Curve' . This makes is not safe to use on untrusted user input. Maybe create a dictionary at top level with curves only, or loop through the list of oid_lookup

AntonKueltz commented 5 years ago

Agreed, the above was just an example, you can of course always add checks and constraints as needed based on your applications needs -

from fastecdsa import curve
curve_lookup = {k: v for k, v in vars(curve).items() if isinstance(v, curve.Curve)}

That gives me a lookup of -

{'P192': P192,
 'P224': P224,
 'P256': P256,
 'P384': P384,
 'P521': P521,
 'brainpoolP160r1': brainpoolP160r1,
 'brainpoolP192r1': brainpoolP192r1,
 'brainpoolP224r1': brainpoolP224r1,
 'brainpoolP256r1': brainpoolP256r1,
 'brainpoolP320r1': brainpoolP320r1,
 'brainpoolP384r1': brainpoolP384r1,
 'brainpoolP512r1': brainpoolP512r1,
 'secp192k1': secp192k1,
 'secp224k1': secp224k1,
 'secp256k1': secp256k1}

But I'd rather the applications using the package do this sort of thing rather than adding a bunch of special use case data members and functions into the core classes.