Prepare for 1.1.14

Atif Nazir · Atif Nazir · commit d0d6a347c57f · 2020-07-02T10:18:27.000-07:00
Use low R signatures by default
Update tests
Update package dependencies
Disallow Python 3.0-3.4 given dependencies
diff --git a/block_io/__init__.py b/block_io/__init__.py
@@ -44,12 +44,22 @@ def __init__(self, privkey, pubkey = None, compressed = True):
                 # use the uncompressed public key
                 self.public_key = unhexlify('04' + hexlify(self.private_key.get_verifying_key().to_string()).decode("utf-8"))
 
-        def sign(self, data_to_sign):
-            der_sig = self.private_key.sign_digest_deterministic(data_to_sign, sha256, util.sigencode_der_canonize)
-            return der_sig
-
-        def sign_hex(self, hex_data):
-            return hexlify(self.sign(unhexlify(hex_data)))
+        def sign(self, data_to_sign, use_low_r = True):
+            counter = 0
+
+            while True:
+                extra_entropy = b""
+                if (counter > 0):
+                    extra_entropy = bytearray.fromhex(hex(counter).split("x")[1].rjust(64,"0"))[::-1]
+                der_sig = hexlify(self.private_key.sign_digest_deterministic(data_to_sign, sha256, util.sigencode_der_canonize, extra_entropy))
+                if use_low_r == False or (int(der_sig[6:8],16) == 32 and int(der_sig[8:10],16) < 128): #  der_sig[3] == 32 and der_sig[4] < 128):
+                    break
+                counter = counter + 1
+                    
+            return unhexlify(der_sig)
+
+        def sign_hex(self, hex_data, use_low_r = True):
+            return hexlify(self.sign(unhexlify(hex_data), use_low_r))
 
         def pubkey_hex(self):
             return hexlify(self.public_key)
diff --git a/setup.py b/setup.py
@@ -4,24 +4,22 @@
     long_description = fh.read()
     
 setup(name='block-io',
-      version='1.1.13',
+      version='1.1.14',
       description='The easiest way to integrate Bitcoin, Dogecoin and Litecoin in your applications. Sign up at Block.io for your API key.',
       url='https://github.com/BlockIo/block_io-python',
       author='Atif Nazir',
       author_email='a@block.io',
       license='MIT',
       packages=['block_io'],
-      python_requires='>=2.7, <4',
+      python_requires='>=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4',
       long_description=long_description,
       long_description_content_type="text/markdown",
       install_requires=[
           'requests>=2.20.0',
-          'pycryptodome>=3.6.6,<4.0',
-          'ecdsa==0.13.3',
+          'pycryptodome>=3.9.8,<4.0',
+          'ecdsa==0.15',
           'six>=1.8.0',
           'base58==1.0.3'
       ],
       zip_safe=False)
 
-# for packages not on pypi
-# dependency_links=['http://github.com/user/repo/tarball/master#egg=package-1.0']
diff --git a/test.py b/test.py
@@ -97,14 +97,38 @@ def setUp(self):
         self.key = BlockIo.Key(unhexlify("6b0e34587dece0ef042c4c7205ce6b3d4a64d0bc484735b9325f7971a0ead963"))
         self.hex_data = "feedfacedeadbeeffeedfacedeadbeeffeedfacedeadbeeffeedfacedeadbeef"
 
-    def test_deterministic_k(self):
+    def test_deterministic_k_no_extra_entropy(self):
         k = rfc6979.generate_k(SECP256k1.generator.order(), self.key.private_key.privkey.secret_multiplier, sha256, unhexlify(self.hex_data))
         self.assertEqual(hexlify(util.number_to_string(k, self.key.private_key.privkey.order)), b'ab56733dc6b9cf8fbecd9af7ba64ee5b658b8a1def2f4c4c510a2996d2761d6f')
 
-    def test_signature(self):
-        sig = self.key.sign_hex(self.hex_data)
+    def test_deterministic_k_extra_entropy_1(self):
+        extra_entropy = bytearray.fromhex(hex(1).split("x")[1].rjust(64,"0"))[::-1]
+        k = rfc6979.generate_k(SECP256k1.generator.order(), self.key.private_key.privkey.secret_multiplier, sha256, unhexlify(self.hex_data), 0, extra_entropy)
+        self.assertEqual(hexlify(util.number_to_string(k, self.key.private_key.privkey.order)), b'f24f24e2e6510071c86da612ef04ccc21664a3801e0e06a227023b9c513a8290')
+
+    def test_deterministic_k_extra_entropy_16(self):
+        extra_entropy = bytearray.fromhex(hex(16).split("x")[1].rjust(64,"0"))[::-1]
+        k = rfc6979.generate_k(SECP256k1.generator.order(), self.key.private_key.privkey.secret_multiplier, sha256, unhexlify(self.hex_data), 0, extra_entropy)
+        self.assertEqual(hexlify(util.number_to_string(k, self.key.private_key.privkey.order)), b'f42eeee9d30ec008d58ce23b2ff08fac85127e87390bccccbecc68a537da3d47')
+
+    def test_deterministic_k_extra_entropy_255(self):
+        extra_entropy = bytearray.fromhex(hex(255).split("x")[1].rjust(64,"0"))[::-1]
+        k = rfc6979.generate_k(SECP256k1.generator.order(), self.key.private_key.privkey.secret_multiplier, sha256, unhexlify(self.hex_data), 0, extra_entropy)
+        self.assertEqual(hexlify(util.number_to_string(k, self.key.private_key.privkey.order)), b'a2c913d48ca5d18c62126a90059a552f4cafeab85b55e9acdc6848473910f150')
+
+    def test_deterministic_k_extra_entropy_256(self):
+        extra_entropy = bytearray.fromhex(hex(256).split("x")[1].rjust(64,"0"))[::-1]
+        k = rfc6979.generate_k(SECP256k1.generator.order(), self.key.private_key.privkey.secret_multiplier, sha256, unhexlify(self.hex_data), 0, extra_entropy)
+        self.assertEqual(hexlify(util.number_to_string(k, self.key.private_key.privkey.order)), b'39c9dc355f042b24fe44184119c31b62ff9d8a3d0c5a26bada674d9595e6988d')
+
+    def test_signature_without_low_r(self):
+        sig = self.key.sign_hex(self.hex_data,False)
         self.assertEqual(sig, b'3045022100b633aaa7cd5b7af455211531f193b61d34d20fe5ea19d23dd40d6074126150530220676617cd427db7d85923ebe4426ccecc47fb5826e3e24b60e62244e2a4811086')
 
+    def test_signature_with_low_r(self):
+        sig = self.key.sign_hex(self.hex_data)
+        self.assertEqual(sig, b'3044022042b9b4d673c85798f226c85f55ea6e114a0805bd5a0efba35f14c05235bb67b2022016333edae230c0ab607e948b48ceaefb5cab07300fb869d9da0a1b0f6bb53f65')
+
 class TestHelpers(unittest.TestCase):
     def setUp(self):
         self.pin = "123456";
