i am assuming that RFC6979 is not enabled
It's on by default in 0.96.5. You can turn it on with a command line argument in the versions that support it:
https://github.com/goatpig/BitcoinArmory/blob/master/armoryengine/ArmoryUtils.py#L125Each signature produced is different
For the same transaction? A RFC6979 will only yield the same (R, S) when signing for the same message. When generating a "legacy" ECC signature, you have to make sure you never reuse the same R (regardless of the message).
Can we trust Armory's random k generation?
You already trust it to generate your wallets.
If someone would know the signed messages, would it be possible to derive the private key? ty
If you present someone with 2 validly signed messages, both of which have the same R but a different S, he can reveal your private key. That aside, I remember some talk ages ago where the claim was made that you can leak bits of the private key when analyzing several signatures, but we're talking hundreds or thousands of sigs to leak a single bit. You'd have to dig that one up on your own, can't remember much more.
To generally answer your question: no.