commit d68042e76e3f194c9ec43524a7f79844a4703ce7
parent 0fe410d7e6a09769b7cd7341acedb6c590203ac1
Author: ThomasV <thomasv@electrum.org>
Date: Mon, 5 Oct 2015 09:15:22 +0200
enforece low S value in signatures (per BIP62)
Diffstat:
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/lib/bitcoin.py b/lib/bitcoin.py
@@ -468,6 +468,19 @@ class MyVerifyingKey(ecdsa.VerifyingKey):
return klass.from_public_point( Q, curve )
+class MySigningKey(ecdsa.SigningKey):
+ """Enforce low S values in signatures"""
+
+ def sign_number(self, number, entropy=None, k=None):
+ curve = SECP256k1
+ G = curve.generator
+ order = G.order()
+ r, s = ecdsa.SigningKey.sign_number(self, number, entropy, k)
+ if s > order/2:
+ s = order - s
+ return r, s
+
+
class EC_KEY(object):
def __init__( self, k ):
@@ -480,7 +493,7 @@ class EC_KEY(object):
return point_to_ser(self.pubkey.point, compressed).encode('hex')
def sign(self, msg_hash):
- private_key = ecdsa.SigningKey.from_secret_exponent(self.secret, curve = SECP256k1)
+ private_key = MySigningKey.from_secret_exponent(self.secret, curve = SECP256k1)
public_key = private_key.get_verifying_key()
signature = private_key.sign_digest_deterministic(msg_hash, hashfunc=hashlib.sha256, sigencode = ecdsa.util.sigencode_string)
assert public_key.verify_digest(signature, msg_hash, sigdecode = ecdsa.util.sigdecode_string)
