copilot: Refactor ECDSA signing to use non-deterministic signing method

retr0.id / millipds

fork atom

A from-scratch atproto PDS implementation in Python (mirrors https://github.com/DavidBuchanan314/millipds)

fork atom

retr0.id 9 months ago e60577e9 15727d47

+2 -4

1 changed file

expand all

unified split

src

millipds

crypto.py

+2 -4

src/millipds/crypto.py

··· 42 ec.SECP256R1: b"\x80\x24", # varint(0x1200) 43 } 44 45 - DETERMINISTIC_ECDSA_SHA256 = ec.ECDSA( 46 - hashes.SHA256(), deterministic_signing=True 47 - ) 48 49 50 def apply_low_s_mitigation(dss_sig: bytes, curve: ec.EllipticCurve) -> bytes: ··· 65 def raw_sign(privkey: ec.EllipticCurvePrivateKey, data: bytes) -> bytes: 66 r, s = decode_dss_signature( 67 apply_low_s_mitigation( 68 - privkey.sign(data, DETERMINISTIC_ECDSA_SHA256), privkey.curve 69 ) 70 ) 71 signature = r.to_bytes(32, "big") + s.to_bytes(32, "big")

··· 42 ec.SECP256R1: b"\x80\x24", # varint(0x1200) 43 } 44 45 + ECDSA_SHA256 = ec.ECDSA(hashes.SHA256()) 46 47 48 def apply_low_s_mitigation(dss_sig: bytes, curve: ec.EllipticCurve) -> bytes: ··· 63 def raw_sign(privkey: ec.EllipticCurvePrivateKey, data: bytes) -> bytes: 64 r, s = decode_dss_signature( 65 apply_low_s_mitigation( 66 + privkey.sign(data, ECDSA_SHA256), privkey.curve 67 ) 68 ) 69 signature = r.to_bytes(32, "big") + s.to_bytes(32, "big")