search

AntonKueltz / fastecdsa

Python library for fast elliptic curve crypto
https://pypi.python.org/pypi/fastecdsa
The Unlicense
263 stars 76 forks source link

[Question] - Different Signatures for same input #71

Closed ArulselvanMadhavan closed 3 years ago

ArulselvanMadhavan commented 3 years ago

Hi,

I'm trying to port my python code over to golang and trying to replicate ECDSA P192 signing logic from python to golang(wrapper over openssl).

ECDSA:

//S.CURVE is P192 and Hash function is sha256
fe_ecdsa.sign(message, s._key, curve=s.CURVE, hashfunc=s.HASH

The output signature is always the same when I sign using this library. When I use openssl, the signature varies for the same input(same keys)

I understand that this may not be a bug with this library. I'm just wondering if there is anything that this library does to not get randomized signatures.

Thanks!

AntonKueltz commented 3 years ago

Hey there, it could well be that openssl is using a randomly generated nonce, which would cause non-deterministic signatures for a static message and keypair. This library uses RFC6979 to generate deterministic signatures by using a deterministic nonce derived from the input message.

ArulselvanMadhavan commented 3 years ago

Thanks for the explanation! I will close the issue