I have following code to sign messages with ecdsa library. I am getting different result on each run.
import ecdsa
from hashlib import sha256
random_number_for_private_key = 31334737451456268050498185842994455999554006395290392504114029053954839148697
private_key_hex = hex(random_number_for_private_key)[2:]
private_key_bytes = bytes.fromhex(private_key_hex)
private_key_object=ecdsa.SigningKey.from_string(private_key_bytes, curve=ecdsa.SECP256k1, hashfunc=sha256)
public_key = private_key_object.get_verifying_key()
sig = private_key_object.sign(b"message")
print(sig.hex())
Results are:
91654d84e462a4f55429a9f8ea6458c6c11387859d6fa9c53e7376a131e49cd76ee8462c9e0ceb0ce7d1116609fe52d4c6c80d6fe84a0f72ffdde4223152a262
2b96a77ee8fe1058c97c32c2146999f7e0b0305d449de81a3ee9ce0c7d909c65d42f2d7eabfd02b214ca591a19760f69e47ca7b7331547cda2d5d759d09e8106
fb41a7b8fd59b60035f4f4d66ee7aac41a62376b78885d8df3bcce95b3a4de1161cdd5029a5cf1e9dae67aaa792e1d0b79e32663d7c3bfcb82892443c7abde91
when I verify with following code, it returns true for all results
import ecdsa
from hashlib import sha256
message = b"message"
public_key = '46454399998223bdb3771f08341844c485cd6b0e35383635cbc56940a755e5b6986ef0dbd1381267575bf290843540d3061f089fbab1b8f60cfe3d3d0d6aef52'
sig = '91654d84e462a4f55429a9f8ea6458c6c11387859d6fa9c53e7376a131e49cd76ee8462c9e0ceb0ce7d1116609fe52d4c6c80d6fe84a0f72ffdde4223152a262'
vk = ecdsa.VerifyingKey.from_string(bytes.fromhex(public_key), curve=ecdsa.SECP256k1, hashfunc=sha256)
vk.verify(bytes.fromhex(sig), message)
So, is it expected to give different signing results?
P.S: Private and public keys are real but not used in any production env.