1
0

ecc: allow tests to disable ecdsa R-value grinding

see https://github.com/spesmilo/electrum/pull/7453#issuecomment-912594926
This commit is contained in:
SomberNight
2021-09-03 16:48:29 +02:00
parent 2968720fb1
commit a39bfba2d9
2 changed files with 35 additions and 5 deletions

View File

@@ -41,6 +41,11 @@ from .ecc_fast import _libsecp256k1, SECP256K1_EC_UNCOMPRESSED
_logger = get_logger(__name__)
# Some unit tests need to create ECDSA sigs without grinding the R value (and just use RFC6979).
# see https://github.com/bitcoin/bitcoin/pull/13666
ENABLE_ECDSA_R_VALUE_GRINDING = True
def string_to_number(b: bytes) -> int:
return int.from_bytes(b, byteorder='big', signed=False)
@@ -463,11 +468,12 @@ class ECPrivkey(ECPubkey):
return r, s
r, s = sign_with_extra_entropy(extra_entropy=None)
counter = 0
while r >= 2**255: # grind for low R value https://github.com/bitcoin/bitcoin/pull/13666
counter += 1
extra_entropy = counter.to_bytes(32, byteorder="little")
r, s = sign_with_extra_entropy(extra_entropy=extra_entropy)
if ENABLE_ECDSA_R_VALUE_GRINDING:
counter = 0
while r >= 2**255: # grind for low R value https://github.com/bitcoin/bitcoin/pull/13666
counter += 1
extra_entropy = counter.to_bytes(32, byteorder="little")
r, s = sign_with_extra_entropy(extra_entropy=extra_entropy)
sig_string = sig_string_from_r_and_s(r, s)
self.verify_message_hash(sig_string, msg_hash)