arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-03-17 16:46:05 +00:00
Code Issues Releases Wiki Activity

Fixed uncompress_coords for NIST curve

Browse Source 
The bn_sqrti was broken.  It didn't handle primes where all bits are set
in the lowest limb.
This commit is contained in:
Jochen Hoenicke 2016-04-20 15:09:11 +02:00
parent b34be66a9c
commit 533c3beb63
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bignum.c
View File

@ -371,7 +371,7 @@ void bn_sqrt(bignum256 *x, const bignum256 *prime)
bn_zero(&res); res.val[0] = 1;
// compute p = (prime+1)/4
memcpy(&p, prime, sizeof(bignum256));
p.val[0] += 1;
bn_addi(&p, 1);
bn_rshift(&p);
bn_rshift(&p);
for (i = 0; i < 9; i++) {

2
ecdsa.c
View File

@ -862,7 +862,7 @@ int ecdsa_address_decode(const char *addr, uint8_t *out)
void uncompress_coords(const ecdsa_curve *curve, uint8_t odd, const bignum256 *x, bignum256 *y)
{
// y^2 = x^3 + 0*x + 7
// y^2 = x^3 + a*x + b
memcpy(y, x, sizeof(bignum256)); // y is x
bn_multiply(x, y, &curve->prime); // y is x^2
bn_subi(y, -curve->a, &curve->prime); // y is x^2 + a