ecdsa low s value

iskyd · iskyd · commit f106efbfac94 · 2024-11-02T22:00:08.000+01:00
diff --git a/src/crypto/ecdsa.zig b/src/crypto/ecdsa.zig
@@ -70,9 +70,9 @@ pub fn sign(pk: [32]u8, z: [32]u8, comptime nonce: ?u256) Signature {
         if (s == 0) {
             continue;
         }
+        const low_s = if (s > crypto.secp256k1_number_of_points / 2) crypto.secp256k1_number_of_points - s else s;
 
-        // TODO: always use the low s value
-        return Signature{ .r = r, .s = s };
+        return Signature{ .r = r, .s = low_s };
     }
 
     unreachable;

Original file line number	Diff line number	Diff line change
`@@ -70,9 +70,9 @@ pub fn sign(pk: [32]u8, z: [32]u8, comptime nonce: ?u256) Signature {`
`70`	`70`	`if (s == 0) {`
`71`	`71`	`continue;`
`72`	`72`	`}`
	`73`	`+ const low_s = if (s > crypto.secp256k1_number_of_points / 2) crypto.secp256k1_number_of_points - s else s;`
`73`	`74`
`74`		`- // TODO: always use the low s value`
`75`		`- return Signature{ .r = r, .s = s };`
	`75`	`+ return Signature{ .r = r, .s = low_s };`
`76`	`76`	`}`
`77`	`77`
`78`	`78`	`unreachable;`