From d68042e76e3f194c9ec43524a7f79844a4703ce7 Mon Sep 17 00:00:00 2001 From: ThomasV Date: Mon, 5 Oct 2015 09:15:22 +0200 Subject: [PATCH] enforece low S value in signatures (per BIP62) --- lib/bitcoin.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/lib/bitcoin.py b/lib/bitcoin.py index 1cbbf462..1f54b36e 100644 --- a/lib/bitcoin.py +++ b/lib/bitcoin.py @@ -468,6 +468,19 @@ class MyVerifyingKey(ecdsa.VerifyingKey): return klass.from_public_point( Q, curve ) +class MySigningKey(ecdsa.SigningKey): + """Enforce low S values in signatures""" + + def sign_number(self, number, entropy=None, k=None): + curve = SECP256k1 + G = curve.generator + order = G.order() + r, s = ecdsa.SigningKey.sign_number(self, number, entropy, k) + if s > order/2: + s = order - s + return r, s + + class EC_KEY(object): def __init__( self, k ): @@ -480,7 +493,7 @@ class EC_KEY(object): return point_to_ser(self.pubkey.point, compressed).encode('hex') def sign(self, msg_hash): - private_key = ecdsa.SigningKey.from_secret_exponent(self.secret, curve = SECP256k1) + private_key = MySigningKey.from_secret_exponent(self.secret, curve = SECP256k1) public_key = private_key.get_verifying_key() signature = private_key.sign_digest_deterministic(msg_hash, hashfunc=hashlib.sha256, sigencode = ecdsa.util.sigencode_string) assert public_key.verify_digest(signature, msg_hash, sigdecode = ecdsa.util.sigdecode_string)