except ImportError:

import unittest

import os

import shutil

import subprocess

import pytest

from binascii import hexlify, unhexlify

import hashlib

from functools import partial

import hypothesis.strategies as st

from six import b, print_, binary_type

from .keys import SigningKey, VerifyingKey

from .keys import BadSignatureError, MalformedPointError, BadDigestError

from . import util

from .util import number_to_string, encoded_oid_ecPublicKey, MalformedSignature

from .curves import Curve, UnknownCurveError

from .curves import (

BRAINPOOLP320r1,

BRAINPOOLP384r1,

BRAINPOOLP512r1,

Ed25519,

Ed448,

curves,

pass

def run_openssl(cmd):

OPENSSL = "openssl"

p = subprocess.Popen(

priv = SigningKey.generate()

pub = priv.get_verifying_key()

sig = priv.sign(data)

self.assertTrue(pub.verify(sig, data))

pub2 = VerifyingKey.from_string(pub.to_string())

self.assertTrue(pub2.verify(sig, data))

def test_deterministic(self):

secexp = int("9d0219792467d7d37b4d43298a7d0c05", 16)

pub = priv.get_verifying_key()

k = rfc6979.generate_k(

)

sig1 = priv.sign(data, k=k)

sig2 = priv.sign(data, k=k)

self.assertTrue(pub.verify(sig2, data))

self.assertTrue(pub.verify(sig3, data))

self.assertEqual(sig1, sig2)

self.assertRaises(TypeError, SigningKey)

self.assertRaises(TypeError, VerifyingKey)

default = NIST192p

priv = SigningKey.generate()

pub = priv.get_verifying_key()

self.assertEqual(len(pub.to_string()), default.verifying_key_length)

self.assertEqual(len(sig), default.signature_length)

def test_serialize(self):

curve = NIST192p

secexp1 = util.randrange_from_seed__trytryagain(seed, curve.order)

secexp2 = util.randrange_from_seed__trytryagain(seed, curve.order)

self.assertEqual(priv1.to_pem(), priv2.to_pem())

pub1 = priv1.get_verifying_key()

pub2 = priv2.get_verifying_key()

sig1 = priv1.sign(data)

sig2 = priv2.sign(data)

self.assertTrue(pub1.verify(sig1, data))

self.assertEqual(hexlify(pub1.to_string()), hexlify(pub2.to_string()))

def test_nonrandom(self):

def not_much_entropy(numbytes):

return s[:numbytes]

# want to do this with keys you care about, because the secrecy of

# the private key depends upon using different random numbers for

# each signature

self.assertEqual(hexlify(sig1), hexlify(sig2))

def assertTruePrivkeysEqual(self, priv1, priv2):

)

def test_privkey_creation(self):

def not_much_entropy(numbytes):

return s[:numbytes]

s1 = priv1.to_pem()

self.assertEqual(type(s1), binary_type)

priv2 = SigningKey.from_pem(s1)

self.assertTruePrivkeysEqual(priv1, priv2)

priv1 = SigningKey.generate(curve=NIST256p)

s1 = priv1.to_pem()

self.assertEqual(type(s1), binary_type)

priv2 = SigningKey.from_pem(s1)

self.assertTruePrivkeysEqual(priv1, priv2)

priv1 = SigningKey.generate(curve=BRAINPOOLP512r1)

s1 = priv1.to_pem()

self.assertEqual(type(s1), binary_type)

priv2 = SigningKey.from_pem(s1)

self.assertTruePrivkeysEqual(priv1, priv2)

self.assertTruePubkeysEqual(pub1, pub2)

self.assertRaises(

)

badpub = VerifyingKey.from_der(pub1_der)

pem = pub1.to_pem()

self.assertEqual(type(pem), binary_type)

pub2 = VerifyingKey.from_pem(pem)

self.assertTruePubkeysEqual(pub1, pub2)

type_oid_der = encoded_oid_ecPublicKey

curve_oid_der = der.encode_oid(*(1, 2, 840, 10045, 3, 1, 1))

enc_type_der = der.encode_sequence(type_oid_der, curve_oid_der)

to_decode = der.encode_sequence(enc_type_der, point_der)

with self.assertRaises(der.UnexpectedDER):

def test_signature_strings(self):

priv1 = SigningKey.generate()

pub1 = priv1.get_verifying_key()

sig = priv1.sign(data)

self.assertEqual(type(sig), binary_type)

self.assertEqual(type(sig_der), binary_type)

self.assertTrue(pub1.verify(sig_der, data, sigdecode=sigdecode_der))

def test_sig_decode_strings_with_invalid_count(self):

with self.assertRaises(MalformedSignature):

def test_sig_decode_strings_with_wrong_r_len(self):

with self.assertRaises(MalformedSignature):

def test_sig_decode_strings_with_wrong_s_len(self):

with self.assertRaises(MalformedSignature):

def test_verify_with_too_long_input(self):

sk = SigningKey.generate()

vk = sk.verifying_key

with self.assertRaises(BadDigestError):

def test_sk_from_secret_exponent_with_wrong_sec_exponent(self):

with self.assertRaises(MalformedPointError):

def test_sk_from_string_with_wrong_len_string(self):

with self.assertRaises(MalformedPointError):

def test_sk_from_der_with_junk_after_sequence(self):

ver_der = der.encode_integer(1)

with self.assertRaises(der.UnexpectedDER):

SigningKey.from_der(to_decode)

def test_sk_from_der_invalid_const_tag(self):

ver_der = der.encode_integer(1)

curve_oid_der = der.encode_oid(*(1, 2, 3))

const_der = der.encode_constructed(1, curve_oid_der)

to_decode = der.encode_sequence(

def test_sk_from_der_garbage_after_privkey_oid(self):

ver_der = der.encode_integer(1)

const_der = der.encode_constructed(0, curve_oid_der)

to_decode = der.encode_sequence(

ver_der, privkey_der, const_der, curve_oid_der

def test_sk_from_der_with_short_privkey(self):

ver_der = der.encode_integer(1)

curve_oid_der = der.encode_oid(*(1, 2, 840, 10045, 3, 1, 1))

const_der = der.encode_constructed(0, curve_oid_der)

to_decode = der.encode_sequence(

sk = SigningKey.from_secret_exponent(12)

with self.assertRaises(BadDigestError):

def test_hashfunc(self):

sig = sk.sign(data)

vk = VerifyingKey.from_string(

)

self.assertTrue(vk.verify(sig, data))

sk2 = SigningKey.generate(curve=NIST256p)

vk2 = VerifyingKey.from_string(

sk2.get_verifying_key().to_string(),

curve=NIST256p,

)

self.assertTrue(vk2.verify(sig2, data))

vk3 = VerifyingKey.from_string(

sk.get_verifying_key().to_string(), curve=NIST256p

)

def test_public_key_recovery(self):

# Create keys

vk = sk.get_verifying_key()

# Sign a message

signature = sk.sign(data)

# Recover verifying keys

# Create keys

curve = BRAINPOOLP160r1

vk = sk.get_verifying_key()

# Sign a message

signature = sk.sign(data)

# Recover verifying keys

recovered_vks = VerifyingKey.from_public_key_recovery(

)

# Test if each pk is valid

# Test if properties are equal

self.assertEqual(vk.curve, recovered_vk.curve)

# Test if original vk is the list of recovered keys

self.assertIn(

)

self.assertEqual(vk.to_string(), exp)

self.assertEqual(vk.to_string("raw"), exp)

def test_decoding(self):

sk = SigningKey.from_secret_exponent(123456789)

from_raw = VerifyingKey.from_string(enc)

self.assertEqual(from_raw.pubkey.point, vk.pubkey.point)

self.assertEqual(from_uncompressed.pubkey.point, vk.pubkey.point)

self.assertEqual(from_compressed.pubkey.point, vk.pubkey.point)

self.assertEqual(from_uncompressed.pubkey.point, vk.pubkey.point)

def test_uncompressed_decoding_as_only_alowed(self):

)

with self.assertRaises(MalformedPointError):

def test_decoding_with_malformed_compressed(self):

enc = b(

)

with self.assertRaises(MalformedPointError):

def test_decoding_with_inconsistent_hybrid(self):

enc = b(

)

with self.assertRaises(MalformedPointError):

def test_decoding_with_point_not_on_curve(self):

enc = b(

)

with self.assertRaises(MalformedPointError):

def test_decoding_with_point_at_infinity(self):

# decoding it is unsupported, as it's not necessary to encode it

with self.assertRaises(MalformedPointError):

def test_not_lying_on_curve(self):

enc = number_to_string(NIST192p.curve.p(), NIST192p.curve.p() + 1)

with self.assertRaises(MalformedPointError):

def test_from_string_with_invalid_curve_too_short_ver_key_len(self):

# both verifying_key_length and baselen are calculated internally

curve.baselen = 32

with self.assertRaises(MalformedPointError):

def test_from_string_with_invalid_curve_too_long_ver_key_len(self):

# both verifying_key_length and baselen are calculated internally

curve.baselen = 16

with self.assertRaises(MalformedPointError):

@pytest.mark.parametrize(

enc = number_to_string(val, NIST192p.order)

if even:

else:

# small values can both be actual valid public keys and not, verify that

# only expected exceptions are raised if they are not

assert vk.pubkey.point == from_enc.pubkey.point

class OpenSSL(unittest.TestCase):

# test interoperability with OpenSSL tools. Note that openssl's ECDSA

# sign/verify arguments changed between 0.9.8 and 1.0.0: the early

# vk: 3:OpenSSL->python 4:python->OpenSSL

# sig: 5:OpenSSL->python 6:python->OpenSSL

@pytest.mark.skipif(

"secp112r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp112r1",

def test_from_openssl_secp112r1(self):

return self.do_test_from_openssl(SECP112r1)

@pytest.mark.skipif(

"secp112r2" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp112r2",

def test_from_openssl_secp112r2(self):

return self.do_test_from_openssl(SECP112r2)

@pytest.mark.skipif(

"secp128r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp128r1",

def test_from_openssl_secp128r1(self):

return self.do_test_from_openssl(SECP128r1)

@pytest.mark.skipif(

"secp160r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp160r1",

def test_from_openssl_secp160r1(self):

return self.do_test_from_openssl(SECP160r1)

@pytest.mark.skipif(

"prime192v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime192v1",

def test_from_openssl_nist192p(self):

return self.do_test_from_openssl(NIST192p)

@pytest.mark.skipif(

"prime192v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime192v1",

def test_from_openssl_nist192p_sha256(self):

return self.do_test_from_openssl(NIST192p, "SHA256")

@pytest.mark.skipif(

"secp224r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp224r1",

def test_from_openssl_nist224p(self):

return self.do_test_from_openssl(NIST224p)

@pytest.mark.skipif(

"prime256v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime256v1",

def test_from_openssl_nist256p(self):

return self.do_test_from_openssl(NIST256p)

@pytest.mark.skipif(

"prime256v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime256v1",

def test_from_openssl_nist256p_sha384(self):

return self.do_test_from_openssl(NIST256p, "SHA384")

@pytest.mark.skipif(

"prime256v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime256v1",

def test_from_openssl_nist256p_sha512(self):

return self.do_test_from_openssl(NIST256p, "SHA512")

@pytest.mark.skipif(

"secp384r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp384r1",

def test_from_openssl_nist384p(self):

return self.do_test_from_openssl(NIST384p)

@pytest.mark.skipif(

"secp521r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp521r1",

def test_from_openssl_nist521p(self):

return self.do_test_from_openssl(NIST521p)

@pytest.mark.skipif(

"secp256k1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp256k1",

def test_from_openssl_secp256k1(self):

return self.do_test_from_openssl(SECP256k1)

@pytest.mark.skipif(

"brainpoolP160r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP160r1",

def test_from_openssl_brainpoolp160r1(self):

return self.do_test_from_openssl(BRAINPOOLP160r1)

@pytest.mark.skipif(

"brainpoolP192r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP192r1",

def test_from_openssl_brainpoolp192r1(self):

return self.do_test_from_openssl(BRAINPOOLP192r1)

@pytest.mark.skipif(

"brainpoolP224r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP224r1",

def test_from_openssl_brainpoolp224r1(self):

return self.do_test_from_openssl(BRAINPOOLP224r1)

@pytest.mark.skipif(

"brainpoolP256r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP256r1",

def test_from_openssl_brainpoolp256r1(self):

return self.do_test_from_openssl(BRAINPOOLP256r1)

@pytest.mark.skipif(

"brainpoolP320r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP320r1",

def test_from_openssl_brainpoolp320r1(self):

return self.do_test_from_openssl(BRAINPOOLP320r1)

@pytest.mark.skipif(

"brainpoolP384r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP384r1",

def test_from_openssl_brainpoolp384r1(self):

return self.do_test_from_openssl(BRAINPOOLP384r1)

@pytest.mark.skipif(

"brainpoolP512r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP512r1",

def test_from_openssl_brainpoolp512r1(self):

return self.do_test_from_openssl(BRAINPOOLP512r1)

def do_test_from_openssl(self, curve, hash_name="SHA1"):

curvename = curve.openssl_name

assert curvename

os.mkdir("t")

run_openssl("ecparam -name %s -genkey -out t/privkey.pem" % curvename)

run_openssl("ec -in t/privkey.pem -pubout -out t/pubkey.pem")

with open("t/data.txt", "wb") as e:

e.write(data)

run_openssl(

sk_from_p8 = SigningKey.from_pem(privkey_p8_pem)

self.assertEqual(sk, sk_from_p8)

@pytest.mark.skipif(

"secp112r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp112r1",

def test_to_openssl_secp112r1(self):

self.do_test_to_openssl(SECP112r1)

@pytest.mark.skipif(

"secp112r2" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp112r2",

def test_to_openssl_secp112r2(self):

self.do_test_to_openssl(SECP112r2)

@pytest.mark.skipif(

"secp128r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp128r1",

def test_to_openssl_secp128r1(self):

self.do_test_to_openssl(SECP128r1)

@pytest.mark.skipif(

"secp160r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp160r1",

def test_to_openssl_secp160r1(self):

self.do_test_to_openssl(SECP160r1)

@pytest.mark.skipif(

"prime192v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime192v1",

def test_to_openssl_nist192p(self):

self.do_test_to_openssl(NIST192p)

@pytest.mark.skipif(

"prime192v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime192v1",

def test_to_openssl_nist192p_sha256(self):

self.do_test_to_openssl(NIST192p, "SHA256")

@pytest.mark.skipif(

"secp224r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp224r1",

def test_to_openssl_nist224p(self):

self.do_test_to_openssl(NIST224p)

@pytest.mark.skipif(

"prime256v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime256v1",

def test_to_openssl_nist256p(self):

self.do_test_to_openssl(NIST256p)

@pytest.mark.skipif(

"prime256v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime256v1",

def test_to_openssl_nist256p_sha384(self):

self.do_test_to_openssl(NIST256p, "SHA384")

@pytest.mark.skipif(

"prime256v1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support prime256v1",

def test_to_openssl_nist256p_sha512(self):

self.do_test_to_openssl(NIST256p, "SHA512")

@pytest.mark.skipif(

"secp384r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp384r1",

def test_to_openssl_nist384p(self):

self.do_test_to_openssl(NIST384p)

@pytest.mark.skipif(

"secp521r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp521r1",

def test_to_openssl_nist521p(self):

self.do_test_to_openssl(NIST521p)

@pytest.mark.skipif(

"secp256k1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support secp256k1",

def test_to_openssl_secp256k1(self):

self.do_test_to_openssl(SECP256k1)

@pytest.mark.skipif(

"brainpoolP160r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP160r1",

def test_to_openssl_brainpoolp160r1(self):

self.do_test_to_openssl(BRAINPOOLP160r1)

@pytest.mark.skipif(

"brainpoolP192r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP192r1",

def test_to_openssl_brainpoolp192r1(self):

self.do_test_to_openssl(BRAINPOOLP192r1)

@pytest.mark.skipif(

"brainpoolP224r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP224r1",

def test_to_openssl_brainpoolp224r1(self):

self.do_test_to_openssl(BRAINPOOLP224r1)

@pytest.mark.skipif(

"brainpoolP256r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP256r1",

def test_to_openssl_brainpoolp256r1(self):

self.do_test_to_openssl(BRAINPOOLP256r1)

@pytest.mark.skipif(

"brainpoolP320r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP320r1",

def test_to_openssl_brainpoolp320r1(self):

self.do_test_to_openssl(BRAINPOOLP320r1)

@pytest.mark.skipif(

"brainpoolP384r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP384r1",

def test_to_openssl_brainpoolp384r1(self):

self.do_test_to_openssl(BRAINPOOLP384r1)

@pytest.mark.skipif(

"brainpoolP512r1" not in OPENSSL_SUPPORTED_CURVES,

reason="system openssl does not support brainpoolP512r1",

def test_to_openssl_brainpoolp512r1(self):

self.do_test_to_openssl(BRAINPOOLP512r1)

def do_test_to_openssl(self, curve, hash_name="SHA1"):

curvename = curve.openssl_name

assert curvename

os.mkdir("t")

sk = SigningKey.generate(curve=curve)

vk = sk.get_verifying_key()

with open("t/pubkey.der", "wb") as e:

e.write(vk.to_der()) # 4

with open("t/pubkey.pem", "wb") as e:

with open("t/data.txt", "wb") as e:

e.write(data)

with open("t/baddata.txt", "wb") as e:

self.assertRaises(

SubprocessError,

OPENSSL_SUPPORTED_TYPES = set()

try:

if "-rawin" in run_openssl("pkeyutl -help"):

c.lower()

for c in ("ED25519", "ED448")

if c in run_openssl("list -public-key-methods")

)

pass

def do_eddsa_test_to_openssl(self, curve):

if os.path.isdir("t"):

shutil.rmtree("t")

os.mkdir("t")

# in practice at least OpenSSL 3.0.0 is needed to make EdDSA signatures

# earlier versions support EdDSA only in X.509 certificates

@pytest.mark.skipif(

"ed25519" not in OPENSSL_SUPPORTED_TYPES,

reason="system openssl does not support signing with Ed25519",

def test_to_openssl_ed25519(self):

return self.do_eddsa_test_to_openssl(Ed25519)

@pytest.mark.skipif(

"ed448" not in OPENSSL_SUPPORTED_TYPES,

reason="system openssl does not support signing with Ed448",

shutil.rmtree("t")

@pytest.mark.skipif(

"ed25519" not in OPENSSL_SUPPORTED_TYPES,

reason="system openssl does not support signing with Ed25519",

def test_from_openssl_ed25519(self):

return self.do_eddsa_test_from_openssl(Ed25519)

@pytest.mark.skipif(

"ed448" not in OPENSSL_SUPPORTED_TYPES,

reason="system openssl does not support signing with Ed448",

)

def test_sign_too_small_curve_dont_allow_truncate_raises(self):

sk = SigningKey.generate(curve=NIST192p)

with self.assertRaises(BadDigestError):

sk.sign(

data,

def test_verify_too_small_curve_dont_allow_truncate_raises(self):

sk = SigningKey.generate(curve=NIST192p)

vk = sk.get_verifying_key()

sig_der = sk.sign(

data,

hashfunc=partial(hashlib.new, "SHA256"),

class DER(unittest.TestCase):

def test_integer(self):

def s(n):

self.assertEqual(

s(1234567890123456789012345678901234567890),

)

def test_number(self):

# self.assertEqual(der.read_number("\x81\x9b" + "more"), (155, 2))

for n in (0, 1, 2, 127, 128, 3 * 128 + 7, 840, 10045): # , 155):

n1, llen = der.read_number(x)

self.assertEqual(n1, n)

def test_length(self):

for n in (0, 1, 2, 127, 128, 255, 256, 3 * 256 + 7, 155):

n1, llen = der.read_length(x)

self.assertEqual(n1, n)

def test_sequence(self):

x1, rest = der.remove_sequence(x)

def test_constructed(self):

x = der.encode_constructed(0, NIST224p.encoded_oid)

class Util(unittest.TestCase):

def test_trytryagain(self):

tta = util.randrange_from_seed__trytryagain

for i in range(1000):

# this trytryagain *does* provide long-term stability

self.assertEqual(

("%x" % (tta("seed", NIST224p.order))).encode(),

)

def test_trytryagain_single(self):

# known issue: https://github.com/warner/python-ecdsa/issues/221

if sys.version_info < (3, 0): # pragma: no branch

self.assertEqual(n, 228)

self.assertEqual(n, 18)

@given(st.integers(min_value=0, max_value=10**200))

def test_randrange(self, i):

# util.randrange does not provide long-term stability: we might

self._do(

generator=SECP256k1.generator,

secexp=int("9d0219792467d7d37b4d43298a7d0c05", 16),

expected=int(

"8fa1f95d514760e498f28957b824ee6ec39ed64826ff4fecc2b5739ec45b91cd",

16,

"cca9fbcc1b41e5a95d369eaa6ddcff73b61a4efaa279cfc6567e8daa39cbaf50",

16,

),

expected=int(

"2df40ca70e639d89528a6b670d9d48d9165fdc0febc0974056bdce192b8e16a3",

16,

self._do(

generator=SECP256k1.generator,

secexp=0x1,

expected=0x8F8A276C19F4149656B280621E358CCE24F5F52542772691EE69063B74F15D15,

)

self._do(

generator=SECP256k1.generator,

secexp=0x1,

).digest(),

expected=0x38AA22D72376B4DBC472E06C3BA403EE0A394DA63FC58D88686C611ABA98D6B3,

)

self._do(

generator=SECP256k1.generator,

secexp=0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364140,

expected=0x33A19B60E25FB6F4435AF53A3D42D493644827367E6453928554F43E49AA6F90,

)

self._do(

generator=SECP256k1.generator,

secexp=0xF8B8AF8CE3C7CCA5E300D33939540C10D45CE001B8F252BFBC57BA0342904181,

expected=0x525A82B70E67874398067543FD84C83D30C175FDC45FDEEE082FE13B1D7CFDF1,

)

"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF"

)

),

expected=int("23AF4074C90A02B3FE61D286D5C87F425E6BDD81B", 16),

)

self._do(

generator=NIST192p.generator,

secexp=int("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16),

expected=int(

"37D7CA00D2C7B0E5E412AC03BD44BA837FDD5B28CD3B0021", 16

),

self._do(

generator=NIST192p.generator,

secexp=int("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16),

expected=int(

"32B1B6D7D42A05CB449065727A84804FB1A3E34D8F261496", 16

),

self._do(

generator=NIST192p.generator,

secexp=int("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16),

expected=int(

"A2AC7AB055E4F20692D49209544C203A7D1F2C0BFBC75DB1", 16

),

self._do(

generator=NIST192p.generator,

secexp=int("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16),

expected=int(

"D9CF9C3D3297D3260773A1DA7418DB5537AB8DD93DE7FA25", 16

),

self._do(

generator=NIST192p.generator,

secexp=int("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16),

expected=int(

"5C4CE89CF56D9E7C77C8585339B006B97B5F0680B4306C6C", 16

),

self._do(

generator=NIST192p.generator,

secexp=int("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16),

expected=int(

"0758753A5254759C7CFBAD2E2D9B0792EEE44136C9480527", 16

),

"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538",

16,

),

expected=int(

"089C071B419E1C2820962321787258469511958E80582E95D8378E0C2CCDB3CB42BEDE42F50E3FA3C71F5A76724281D31D9C89F0F91FC1BE4918DB1C03A5838D0F9",

16,

"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538",

16,

),

expected=int(

"0EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0",

16,

"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538",

16,

),

expected=int(

"16200813020EC986863BEDFC1B121F605C1215645018AEA1A7B215A564DE9EB1B38A67AA1128B80CE391C4FB71187654AAA3431027BFC7F395766CA988C964DC56D",

16,

),

)

def test_brainpoolP384r1(self):

self._do(

curve=curve_brainpoolp384r1,

),

)

def test_brainpoolP512r1(self):

self._do(

curve=curve_brainpoolp512r1,

),

)

def test_brainpoolP384r1(self):

self._do(

curve=curve_brainpoolp384r1,

),

)

def test_brainpoolP512r1(self):

self._do(

curve=curve_brainpoolp512r1,

"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D",

"9E56F509196784D963D1C0A401510EE7ADA3DCC5DEE04B154BF61AF1D5A6DECE",

b"abc",

"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C",

"86FA3BB4E26CAD5BF90B7F81899256CE7594BB1EA0C89212748BFF3B3D5B0315",

NIST256p,

"B4B74E44D71A13D568003D7489908D564C7761E229C58CBFA18950096EB7463B"

"854D7FA992F934D927376285E63414FA",

b"abc",

"FB017B914E29149432D8BAC29A514640B46F53DDAB2C69948084E2930F1C8F7E"

"08E07C9C63F2D21A07DCB56A6AF56EB3",

"B263A1305E057F984D38726A1B46874109F417BCA112674C528262A40A629AF1"

"373778F9DE6B6497B1EF825FF24F42F9B4A4BD7382CFC3378A540B1B7F0C1B95"

"6C2F",

b"abc",

"0154FD3836AF92D0DCA57DD5341D3053988534FDE8318FC6AAAAB68E2E6F4339"

"B19F2F281A7E0B22C269D93CF8794A9278880ED7DBB8D9362CAEACEE54432055"

"2251",