Enum class SignatureScheme
Package: keychain.constants
Description
Public-key signing algorithm.
This enum defines specific digital signature schemes with concrete parameters for each algorithm class. Each scheme specifies the exact curve, key size, or other parameters needed for creating and verifying digital signatures.
Since: v2.0
Enum Class Summary
| Enum Constant | Value | Description |
|---|---|---|
150 |
ECDSA over randomly generated, 112-bit prime-field Weierstrass curve secp112r2 |
|
149 |
ECDSA over randomly generated, 128-bit prime-field Weierstrass curve secp128r1 |
|
129 |
ECDSA over 160-bit prime-field Weierstrass curve secp160r1 |
|
130 |
ECDSA over 192-bit prime-field Weierstrass curve secp192k1 |
|
131 |
ECDSA over randomly generated, 224-bit prime-field Weierstrass curve secp224r1 |
|
132 |
ECDSA over randomly generated, 256-bit prime-field Weierstrass curve secp256r1 |
|
133 |
ECDSA over 384-bit prime-field Weierstrass curve secp384r1 |
|
134 |
ECDSA over 521-bit prime-field Weierstrass curve secp512r1 |
|
152 |
ECGDSA over randomly generated, 112-bit prime-field Weierstrass curve secp112r2 |
|
151 |
ECGDSA over randomly generated, 128-bit prime-field Weierstrass curve secp128r1 |
|
135 |
ECGDSA over 160-bit prime-field Weierstrass curve secp160r1 |
|
136 |
ECGDSA over 192-bit prime-field Weierstrass curve secp192k1 |
|
137 |
ECGDSA over randomly generated, 224-bit prime-field Weierstrass curve secp224r1 |
|
138 |
ECGDSA over randomly generated, 256-bit prime-field Weierstrass curve secp256r1 |
|
139 |
ECGDSA over 384-bit prime-field Weierstrass curve secp384r1 |
|
140 |
ECGDSA over 521-bit prime-field Weierstrass curve secp512r1 |
|
141 |
RSA Probabilistic Signature Scheme with SHA-256 and 1024-bit key |
|
142 |
RSA Probabilistic Signature Scheme with SHA-256 and 2048-bit key |
|
143 |
RSA Probabilistic Signature Scheme with SHA-256 and 3072-bit key |
|
144 |
RSA Probabilistic Signature Scheme with SHA-256 and 4096-bit key |
|
145 |
Digital Signature Algorithm with 1024-bit key |
|
146 |
Digital Signature Algorithm with 2048-bit key |
|
147 |
Digital Signature Algorithm with 3072-bit key |
|
148 |
Digital Signature Algorithm with 4096-bit key |
Enum Class Detail
ECDSA Schemes
ECDSA_ECP_SECP112R2
Value: 150
Elliptic Curve Digital Signature Algorithm over a randomly generated, 112-bit prime-field Weierstrass curve secp112r2.
ECDSA_ECP_SECP128R1
Value: 149
Elliptic Curve Digital Signature Algorithm over a randomly generated, 128-bit prime-field Weierstrass curve secp128r1.
ECDSA_ECP_SECP160R1
Value: 129
Elliptic Curve Digital Signature Algorithm over 160-bit prime-field Weierstrass curve secp160r1.
ECDSA_ECP_SECP192K1
Value: 130
Elliptic Curve Digital Signature Algorithm over 192-bit prime-field Weierstrass curve secp192k1.
ECDSA_ECP_SECP224R1
Value: 131
Elliptic Curve Digital Signature Algorithm over a randomly generated, 224-bit prime-field Weierstrass curve secp224r1.
ECDSA_ECP_SECP256R1
Value: 132
Elliptic Curve Digital Signature Algorithm over a randomly generated, 256-bit prime-field Weierstrass curve secp256r1.
ECGDSA Schemes
ECGDSA_ECP_SECP112R2
Value: 152
Elliptic Curve Digital Signature Algorithm over a randomly generated, 112-bit prime-field Weierstrass curve secp112r2.
ECGDSA_ECP_SECP128R1
Value: 151
Elliptic Curve Digital Signature Algorithm over a randomly generated, 128-bit prime-field Weierstrass curve secp128r1.
ECGDSA_ECP_SECP160R1
Value: 135
Elliptic Curve Digital Signature Algorithm over 160-bit prime-field Weierstrass curve secp160r1.
ECGDSA_ECP_SECP192K1
Value: 136
Elliptic Curve Digital Signature Algorithm over 192-bit prime-field Weierstrass curve secp192k1.
ECGDSA_ECP_SECP224R1
Value: 137
Elliptic Curve Digital Signature Algorithm over a randomly generated, 224-bit prime-field Weierstrass curve secp224r1.
ECGDSA_ECP_SECP256R1
Value: 138
Elliptic Curve Digital Signature Algorithm over a randomly generated, 256-bit prime-field Weierstrass curve secp256r1.
Usage Example
from keychain.constants import SignatureScheme, SignatureAlgorithmClass
# Select a specific signature scheme
scheme = SignatureScheme.ECDSA_ECP_SECP256R1
print(f"Selected scheme: {scheme}") # Outputs: 132
# Choose scheme based on security requirements
def select_signature_scheme(security_level="medium"):
if security_level == "low":
return SignatureScheme.ECDSA_ECP_SECP160R1
elif security_level == "medium":
return SignatureScheme.ECDSA_ECP_SECP256R1
elif security_level == "high":
return SignatureScheme.ECDSA_ECP_SECP384R1
else:
return SignatureScheme.RSASS_PSS_4096
recommended_scheme = select_signature_scheme("high")
print(f"Recommended scheme: {recommended_scheme}")
# Get algorithm class from scheme
def get_algorithm_class(scheme):
if "ECDSA" in scheme.name:
return SignatureAlgorithmClass.ECDSA
elif "ECGDSA" in scheme.name:
return SignatureAlgorithmClass.ECGDSA
elif "RSASS" in scheme.name:
return SignatureAlgorithmClass.RSASS
elif "DSA" in scheme.name and "EC" not in scheme.name:
return SignatureAlgorithmClass.DSA
return None
alg_class = get_algorithm_class(scheme)
print(f"Algorithm class: {alg_class}")
# Get key size information
def get_key_size(scheme):
name = scheme.name
if "112" in name:
return 112
elif "128" in name:
return 128
elif "160" in name:
return 160
elif "192" in name:
return 192
elif "224" in name:
return 224
elif "256" in name:
return 256
elif "384" in name:
return 384
elif "521" in name:
return 521
elif "1024" in name:
return 1024
elif "2048" in name:
return 2048
elif "3072" in name:
return 3072
elif "4096" in name:
return 4096
return None
key_size = get_key_size(scheme)
print(f"Key size: {key_size} bits")