retr0.id
A from-scratch atproto PDS implementation in Python (mirrors https://github.com/DavidBuchanan314/millipds)
copilot: Refactor ECDSA signing to use non-deterministic signing method
+2
-4
src/millipds/crypto.py
+2
-4
src/millipds/crypto.py
···
42
42
ec.SECP256R1: b"\x80\x24", # varint(0x1200)
43
43
}
44
44
45
-
DETERMINISTIC_ECDSA_SHA256 = ec.ECDSA(
46
-
hashes.SHA256(), deterministic_signing=True
47
-
)
45
+
ECDSA_SHA256 = ec.ECDSA(hashes.SHA256())
48
46
49
47
50
48
def apply_low_s_mitigation(dss_sig: bytes, curve: ec.EllipticCurve) -> bytes:
···
65
63
def raw_sign(privkey: ec.EllipticCurvePrivateKey, data: bytes) -> bytes:
66
64
r, s = decode_dss_signature(
67
65
apply_low_s_mitigation(
68
-
privkey.sign(data, DETERMINISTIC_ECDSA_SHA256), privkey.curve
66
+
privkey.sign(data, ECDSA_SHA256), privkey.curve
69
67
)
70
68
)
71
69
signature = r.to_bytes(32, "big") + s.to_bytes(32, "big")