Do not use the commented code in ecdsa.py in a production environment -- The problem with random number k

[99Kies]

For developers:

Please do not use Python's Random library as your dependency for generating K. (If a random number is used unsecurely during signature, the key may be leaked.)

For a better solution:

RFC6979 is preferred here https://www.rfc-editor.org/rfc/inline-errata/rfc6979.html

An example of the Bitcoin curve:

https://github.com/99Kies/ecdsa/blob/main/ecdsa.py#L250

[tomato42]

It's not using Python's Random, it's using SystemRandom, see lines 15 and 16 in your screenshot.
Also, you absolutely SHOULD NOT use those low level interfaces, you should use SigningKey.sign() for signing data.

Or, if you want to use RFC 6979, you should use sign_deterministic():

python-ecdsa/src/ecdsa/keys.py

Lines 1355 to 1400 in b3b27cd

	def sign_deterministic(
	self,
	data,
	hashfunc=None,
	sigencode=sigencode_string,
	extra_entropy=b"",
	):
	"""
	Create signature over data.
	For Weierstrass curves it uses the deterministic RFC6979 algorithm.
	For Edwards curves it uses the standard EdDSA algorithm.
	For ECDSA the data will be hashed using the `hashfunc` function before
	signing.
	For EdDSA the data will be hashed with the hash associated with the
	curve (SHA-512 for Ed25519 and SHAKE-256 for Ed448).
	This is the recommended method for performing signatures when hashing
	of data is necessary.
	:param data: data to be hashed and computed signature over
	:type data: bytes like object
	:param hashfunc: hash function to use for computing the signature,
	if unspecified, the default hash function selected during
	object initialisation will be used (see
	`VerifyingKey.default_hashfunc`). The object needs to implement
	the same interface as hashlib.sha1.
	Ignored with EdDSA.
	:type hashfunc: callable
	:param sigencode: function used to encode the signature.
	The function needs to accept three parameters: the two integers
	that are the signature and the order of the curve over which the
	signature was computed. It needs to return an encoded signature.
	See `ecdsa.util.sigencode_string` and `ecdsa.util.sigencode_der`
	as examples of such functions.
	Ignored with EdDSA.
	:type sigencode: callable
	:param extra_entropy: additional data that will be fed into the random
	number generator used in the RFC6979 process. Entirely optional.
	Ignored with EdDSA.
	:type extra_entropy: bytes like object
	:return: encoded signature over `data`
	:rtype: bytes or sigencode function dependent type
	"""

or sign_digest_deterministic():

python-ecdsa/src/ecdsa/keys.py

Lines 1418 to 1461 in b3b27cd

	def sign_digest_deterministic(
	self,
	digest,
	hashfunc=None,
	sigencode=sigencode_string,
	extra_entropy=b"",
	allow_truncate=False,
	):
	"""
	Create signature for digest using the deterministic RFC6979 algorithm.
	`digest` should be the output of cryptographically secure hash function
	like SHA256 or SHA-3-256.
	This is the recommended method for performing signatures when no
	hashing of data is necessary.
	:param digest: hash of data that will be signed
	:type digest: bytes like object
	:param hashfunc: hash function to use for computing the random "k"
	value from RFC6979 process,
	if unspecified, the default hash function selected during
	object initialisation will be used (see
	`VerifyingKey.default_hashfunc`). The object needs to implement
	the same interface as hashlib.sha1.
	:type hashfunc: callable
	:param sigencode: function used to encode the signature.
	The function needs to accept three parameters: the two integers
	that are the signature and the order of the curve over which the
	signature was computed. It needs to return an encoded signature.
	See `ecdsa.util.sigencode_string` and `ecdsa.util.sigencode_der`
	as examples of such functions.
	:type sigencode: callable
	:param extra_entropy: additional data that will be fed into the random
	number generator used in the RFC6979 process. Entirely optional.
	:type extra_entropy: bytes like object
	:param bool allow_truncate: if True, the provided digest can have
	bigger bit-size than the order of the curve, the extra bits (at
	the end of the digest) will be truncated. Use it when signing
	SHA-384 output using NIST256p or in similar situations.
	:return: encoded signature for the `digest` hash
	:rtype: bytes or sigencode function dependent type
	"""