mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-12 18:49:07 +00:00

Use trezor-crypto ECDH, adding Curve25519 support

Roman Zeyde 2016-10-13 22:32:26 +03:00 committed by Pavol Rusnak
parent dfc543c955
commit b57c0ff430
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
6 changed files with 6 additions and 24 deletions


@ -49,6 +49,7 @@ CFLAGS += $(OPTFLAGS) \
-I$(TOP_DIR)gen \
-I$(TOP_DIR)vendor/trezor-crypto \
-I$(TOP_DIR)vendor/trezor-crypto/ed25519-donna \
-I$(TOP_DIR)vendor/trezor-crypto/curve25519-donna \
-I$(TOP_DIR)vendor/trezor-qrenc
ifdef APPVER


@ -28,6 +28,7 @@ OBJS += ../vendor/trezor-crypto/curves.o
OBJS += ../vendor/trezor-crypto/secp256k1.o
OBJS += ../vendor/trezor-crypto/nist256p1.o
OBJS += ../vendor/trezor-crypto/ed25519-donna/ed25519.o
OBJS += ../vendor/trezor-crypto/curve25519-donna/curve25519-donna.o
OBJS += ../vendor/trezor-crypto/hmac.o
OBJS += ../vendor/trezor-crypto/bip32.o
OBJS += ../vendor/trezor-crypto/bip39.o


@ -103,25 +103,6 @@ int gpgMessageSign(HDNode *node, const uint8_t *message, size_t message_len, uin
return hdnode_sign_digest(node, message, signature + 1, NULL, NULL);
}
int cryptoGetECDHSessionKey(const HDNode *node, const uint8_t *peer_public_key, uint8_t *session_key)
{
curve_point point;
const ecdsa_curve *curve = node->curve->params;
if (!ecdsa_read_pubkey(curve, peer_public_key, &point)) {
return 1;
}
bignum256 k;
bn_read_be(node->private_key, &k);
point_multiply(curve, &k, &point, &point);
MEMSET_BZERO(&k, sizeof(k));
session_key[0] = 0x04;
bn_write_be(&point.x, session_key + 1);
bn_write_be(&point.y, session_key + 33);
MEMSET_BZERO(&point, sizeof(point));
return 0;
}
int cryptoMessageSign(const CoinType *coin, HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature)
{
SHA256_CTX ctx;


@ -37,8 +37,6 @@ int sshMessageSign(HDNode *node, const uint8_t *message, size_t message_len, uin
int gpgMessageSign(HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature);
int cryptoGetECDHSessionKey(const HDNode *node, const uint8_t *peer_public_key, uint8_t *session_key);
int cryptoMessageSign(const CoinType *coin, HDNode *node, const uint8_t *message, size_t message_len, uint8_t *signature);
int cryptoMessageVerify(const CoinType *coin, const uint8_t *message, size_t message_len, uint32_t address_type, const uint8_t *address_raw, const uint8_t *signature);


@ -906,9 +906,10 @@ void fsm_msgGetECDHSessionKey(GetECDHSessionKey *msg)
const HDNode *node = fsm_getDerivedNode(curve, address_n, 5);
if (!node) return;
if (cryptoGetECDHSessionKey(node, msg->peer_public_key.bytes, resp->session_key.bytes) == 0) {
int result_size = 0;
if (hdnode_get_shared_key(node, msg->peer_public_key.bytes, resp->session_key.bytes, &result_size) == 0) {
resp->has_session_key = true;
resp->session_key.size = 65;
resp->session_key.size = result_size;
msg_write(MessageType_MessageType_ECDHSessionKey, resp);
} else {
fsm_sendFailure(FailureType_Failure_Other, "Error getting ECDH session key");
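Review bot: The new call to hdnode_get_shared_key in fsm_msgGetECDHSessionKey passes msg->peer_public_key.bytes with no length argument, and nothing in this hunk checks msg->peer_public_key.size, so a host that sends a short key would presumably have the bytes that follow it in the message buffer read as key material. With Curve25519 added next to the ECDSA curves, the expected key length likely differs per curve, so the handler should reject a size that does not match the selected curve before calling into the library. On the output side, result_size is copied into resp->session_key.size unchecked, where the old code used a fixed 65. A guard such as `if (result_size <= 0 || (size_t)result_size > sizeof(resp->session_key.bytes))` before msg_write, reported through fsm_sendFailure, would keep a library-side change from producing a response whose size exceeds the buffer. The function starts and ends outside this hunk, so a size check earlier in it would not be visible here.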

@ -1 +1 @@
Subproject commit b05776be77168738d94ef9963019abb4d80a5356
Subproject commit 707c869fb92b78054d75f9f44789502672d5c51d