From b9d589617418ec5394a90879f7365eaec43cd85d Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Mon, 7 Jul 2014 20:14:15 +0200 Subject: [PATCH] make pubkey validation optional, extract options to separate header --- Makefile | 4 ++-- bignum.h | 20 +------------------- ecdsa.c | 8 ++++++++ ecdsa.h | 6 +----- options.h | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ tests.c | 9 ++++++--- 6 files changed, 74 insertions(+), 29 deletions(-) create mode 100644 options.h diff --git a/Makefile b/Makefile index 00521f6c5..746306110 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ CC = gcc CFLAGS = -Wall -Wextra -Os -Wno-sequence-point ifdef SMALL -CFLAGS += -DUSE_PRECOMPUTED_IV=0 -DUSE_PRECOMPUTED_CP=0 +CFLAGS += -DUSE_PRECOMPUTED_IV=0 -DUSE_PRECOMPUTED_CP=0 -DUSE_PUBKEY_VALIDATE=0 endif OBJS = bignum.o ecdsa.o secp256k1.o rand.o hmac.o bip32.o bip39.o pbkdf2.o base58.o OBJS += ripemd160.o @@ -13,7 +13,7 @@ TESTSSLLIBS = -lcrypto all: tests test-openssl -%.o: %.c %.h +%.o: %.c %.h options.h $(CC) $(CFLAGS) -o $@ -c $< tests: tests.o $(OBJS) diff --git a/bignum.h b/bignum.h index 2e3a3917a..2fa65568c 100644 --- a/bignum.h +++ b/bignum.h @@ -25,21 +25,7 @@ #define __BIGNUM_H__ #include - -// use precomputed Inverse Values of powers of two -#ifndef USE_PRECOMPUTED_IV -#define USE_PRECOMPUTED_IV 1 -#endif - -// use precomputed Curve Points (some scalar multiples of curve base point G) -#ifndef USE_PRECOMPUTED_CP -#define USE_PRECOMPUTED_CP 1 -#endif - -// use fast inverse method -#ifndef USE_INVERSE_FAST -#define USE_INVERSE_FAST 1 -#endif +#include "options.h" // bignum256 are 256 bits stored as 8*30 bit + 1*16 bit // val[0] are lowest 30 bits, val[8] highest 16 bits @@ -97,10 +83,6 @@ void bn_substract_noprime(const bignum256 *a, const bignum256 *b, bignum256 *res void bn_divmod58(bignum256 *a, uint32_t *r); -#ifndef BN_PRINT -#define BN_PRINT 0 -#endif - #if BN_PRINT void bn_print(const bignum256 *a); void bn_print_raw(const bignum256 *a); 
diff --git a/ecdsa.c b/ecdsa.c index df7847533..f5cd4f226 100644 --- a/ecdsa.c +++ b/ecdsa.c @@ -459,12 +459,20 @@ int ecdsa_read_pubkey(const uint8_t *pub_key, curve_point *pub) if (pub_key[0] == 0x04) { bn_read_be(pub_key + 1, &(pub->x)); bn_read_be(pub_key + 33, &(pub->y)); +#ifdef USE_PUBKEY_VALIDATE return ecdsa_validate_pubkey(pub); +#else + return 1; +#endif } if (pub_key[0] == 0x02 || pub_key[0] == 0x03) { // compute missing y coords bn_read_be(pub_key + 1, &(pub->x)); uncompress_coords(pub_key[0], &(pub->x), &(pub->y)); +#ifdef USE_PUBKEY_VALIDATE return ecdsa_validate_pubkey(pub); +#else + return 1; +#endif } // error return 0; diff --git a/ecdsa.h b/ecdsa.h index b1a1e7e37..2de5bcdfa 100644 --- a/ecdsa.h +++ b/ecdsa.h @@ -25,13 +25,9 @@ #define __ECDSA_H__ #include - +#include "options.h" #include "secp256k1.h" -#ifndef USE_RFC6979 -#define USE_RFC6979 1 -#endif - void point_copy(const curve_point *cp1, curve_point *cp2); void point_add(const curve_point *cp1, curve_point *cp2); void point_double(curve_point *cp); diff --git a/options.h b/options.h new file mode 100644 index 000000000..85285e395 --- /dev/null +++ b/options.h 
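Review bot: The guards added to ecdsa_read_pubkey test `#ifdef USE_PUBKEY_VALIDATE`, but options.h always defines that macro (1 by default, 0 when the Makefile's SMALL build passes `-DUSE_PUBKEY_VALIDATE=0`), so, assuming ecdsa.c reaches options.h through ecdsa.h, the `#else return 1;` branch is never compiled and the option has no effect. Test the value instead, `#if USE_PUBKEY_VALIDATE`, in both branches here and in the `#ifdef USE_PUBKEY_VALIDATE` added to test_pubkey_validity in tests.c. As written the mistake fails safe, since validation stays on. Once it is corrected, SMALL builds will return 1 for any key with a 0x02, 0x03 or 0x04 prefix without calling ecdsa_validate_pubkey, so that trade-off should be decided deliberately. The end of the function lies outside the hunk.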
@@ -0,0 +1,56 @@
+/**
+ * Copyright (c) 2013-2014 Pavol Rusnak
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
+ * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#ifndef __OPTIONS_H__
+#define __OPTIONS_H__
+
+// use precomputed Inverse Values of powers of two
+#ifndef USE_PRECOMPUTED_IV
+#define USE_PRECOMPUTED_IV 1
+#endif
+
+// use precomputed Curve Points (some scalar multiples of curve base point G)
+#ifndef USE_PRECOMPUTED_CP
+#define USE_PRECOMPUTED_CP 1
+#endif
+
+// use fast inverse method
+#ifndef USE_INVERSE_FAST
+#define USE_INVERSE_FAST 1
+#endif
+
+// support for printing bignum256 structures via printf
+#ifndef BN_PRINT
+#define BN_PRINT 0
+#endif
+
+// use deterministic signatures
+#ifndef USE_RFC6979
+#define USE_RFC6979 1
+#endif
+
+// check public key for validity
+#ifndef USE_PUBKEY_VALIDATE
+#define USE_PUBKEY_VALIDATE 1
+#endif
+
+#endif
diff --git a/tests.c b/tests.c
index a3f45fd5a..7d7a1310e 100644
--- a/tests.c
+++ b/tests.c
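Review bot: The comment on USE_PUBKEY_VALIDATE, `// check public key for validity`, does not tell a builder what is given up when the option is set to 0. Going by the ecdsa.c change in this commit, the disabled path is meant to make ecdsa_read_pubkey return 1 for any input with a 0x02, 0x03 or 0x04 prefix without calling ecdsa_validate_pubkey, and the Makefile selects that for every SMALL build. Unlike the neighbouring options, which trade speed or size, this one removes an input check, so the comment should say so, for example `// validate parsed public keys via ecdsa_validate_pubkey; set to 0 only if every key comes from a trusted source`.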
@@ -34,6 +34,7 @@ #include "ecdsa.h" #include "pbkdf2.h" #include "sha2.h" +#include "options.h" uint8_t *fromhex(const char *str) { @@ -415,7 +416,7 @@ START_TEST(test_verify_speed) memcpy(pub_key33, fromhex("024054fd18aeb277aeedea01d3f3986ff4e5be18092a04339dcf4e524e2c0a0974"), 33); memcpy(pub_key65, fromhex("044054fd18aeb277aeedea01d3f3986ff4e5be18092a04339dcf4e524e2c0a09746c7083ed2097011b1223a17a644e81f59aa3de22dac119fd980b36a8ff29a244"), 65); - for (i = 0 ; i < 50; i++) { + for (i = 0 ; i < 25; i++) { res = ecdsa_verify(pub_key65, sig, msg, sizeof(msg)); ck_assert_int_eq(res, 0); res = ecdsa_verify(pub_key33, sig, msg, sizeof(msg)); @@ -426,14 +427,14 @@ START_TEST(test_verify_speed) memcpy(pub_key33, fromhex("03ff45a5561a76be930358457d113f25fac790794ec70317eff3b97d7080d45719"), 33); memcpy(pub_key65, fromhex("04ff45a5561a76be930358457d113f25fac790794ec70317eff3b97d7080d457196235193a15778062ddaa44aef7e6901b781763e52147f2504e268b2d572bf197"), 65); - for (i = 0 ; i < 50; i++) { + for (i = 0 ; i < 25; i++) { res = ecdsa_verify(pub_key65, sig, msg, sizeof(msg)); ck_assert_int_eq(res, 0); res = ecdsa_verify(pub_key33, sig, msg, sizeof(msg)); ck_assert_int_eq(res, 0); } - printf("Verifying speed: %0.2f sig/s\n", 200.0f / ((float)(clock() - t) / CLOCKS_PER_SEC)); + printf("Verifying speed: %0.2f sig/s\n", 100.0f / ((float)(clock() - t) / CLOCKS_PER_SEC)); } END_TEST @@ -886,6 +887,7 @@ START_TEST(test_pubkey_validity) res = ecdsa_read_pubkey(pub_key, &pub); ck_assert_int_eq(res, 1); +#ifdef USE_PUBKEY_VALIDATE memcpy(pub_key, fromhex("04f80490839af36d13701ec3f9eebdac901b51c362119d74553a3c537faff31b17e2a59ebddbdac9e87b816307a7ed5b826b8f40b92719086238e1bebf00000000"), 65); res = ecdsa_read_pubkey(pub_key, &pub); ck_assert_int_eq(res, 0); 
@@ -893,6 +895,7 @@ START_TEST(test_pubkey_validity) memcpy(pub_key, fromhex("04f80490839af36d13701ec3f9eebdac901b51c362119d74553a3c537faff31b17e2a59ebddbdac9e87b816307a7ed5b8211111111111111111111111111111111"), 65); res = ecdsa_read_pubkey(pub_key, &pub); ck_assert_int_eq(res, 0); +#endif memcpy(pub_key, fromhex("00"), 1); res = ecdsa_read_pubkey(pub_key, &pub);