+1
-1
pyproject.toml
+1
-1
pyproject.toml
+4
-13
src/millipds/crypto.py
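--- a/src/millipds/crypto.py
+++ b/src/millipds/crypto.py
@@ -25,13 +25,6 @@
 """
 
 
-CURVE_ORDER = {
-# constant defined by NIST SP 800-186 - https://csrc.nist.gov/pubs/sp/800/186/final
-ec.SECP256R1: 0xFFFFFFFF_00000000_FFFFFFFF_FFFFFFFF_BCE6FAAD_A7179E84_F3B9CAC2_FC632551,
-# constant defined by SECG SEC 2 - https://www.secg.org/sec2-v2.pdf
-ec.SECP256K1: 0xFFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFE_BAAEDCE6_AF48A03B_BFD25E8C_D0364141,
-}
-
 JWT_SIGNATURE_ALGS = {
 ec.SECP256R1: "ES256",
 ec.SECP256K1: "ES256K",
@@ -47,16 +40,14 @@
 
 def apply_low_s_mitigation(dss_sig: bytes, curve: ec.EllipticCurve) -> bytes:
 r, s = decode_dss_signature(dss_sig)
-n = CURVE_ORDER[type(curve)]
-if s > n // 2:
-s = n - s
+if s > curve.group_order // 2:
+s = curve.group_order - s
 return encode_dss_signature(r, s)
 
 
 def assert_dss_sig_is_low_s(dss_sig: bytes, curve: ec.EllipticCurve) -> None:
 _, s = decode_dss_signature(dss_sig)
-n = CURVE_ORDER[type(curve)]
-if s > n // 2:
+if s > curve.group_order // 2:
 raise InvalidSignature("high-S signature")
 
 
@@ -104,7 +95,7 @@
 return pubkey
 
 
-def jwt_signature_alg_for_pem(pem: str) -> Literal["ES256", "ES256K"]:
+def jwt_signature_alg_for_pem(pem: str) -> str:
 return JWT_SIGNATURE_ALGS[type(privkey_from_pem(pem).curve)]
 
 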
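Review bot: With the `CURVE_ORDER[type(curve)]` lookup gone, `apply_low_s_mitigation` and `assert_dss_sig_is_low_s` no longer fail for curves outside the two the table listed. The old code raised `KeyError` for anything but P-256 and secp256k1, which worked as an implicit allowlist in front of the low-S normalisation and the high-S check. If only the curves in `JWT_SIGNATURE_ALGS` are meant to be supported, state that at the top of both functions, e.g. `if type(curve) not in JWT_SIGNATURE_ALGS: raise ValueError("unsupported curve")`; the dict is cut off by the hunk, so confirm it lists exactly the supported curves. `curve.group_order` also appears to exist only on newer `cryptography` releases, so the lower bound in pyproject.toml (its change is not shown on this page) has to cover it, otherwise the failure shows up as an `AttributeError` when these functions are first called rather than at install time.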