mirror of
https://github.com/trezor/trezor-firmware.git
synced 2025-01-12 08:20:56 +00:00
make pubkey validation optional, extract options to separate header
This commit is contained in:
parent
0c2f9fd6f9
commit
b9d5896174
4
Makefile
4
Makefile
@ -1,7 +1,7 @@
|
||||
CC = gcc
|
||||
CFLAGS = -Wall -Wextra -Os -Wno-sequence-point
|
||||
ifdef SMALL
|
||||
CFLAGS += -DUSE_PRECOMPUTED_IV=0 -DUSE_PRECOMPUTED_CP=0
|
||||
CFLAGS += -DUSE_PRECOMPUTED_IV=0 -DUSE_PRECOMPUTED_CP=0 -DUSE_PUBKEY_VALIDATE=0
|
||||
endif
|
||||
OBJS = bignum.o ecdsa.o secp256k1.o rand.o hmac.o bip32.o bip39.o pbkdf2.o base58.o
|
||||
OBJS += ripemd160.o
|
||||
@ -13,7 +13,7 @@ TESTSSLLIBS = -lcrypto
|
||||
|
||||
all: tests test-openssl
|
||||
|
||||
%.o: %.c %.h
|
||||
%.o: %.c %.h options.h
|
||||
$(CC) $(CFLAGS) -o $@ -c $<
|
||||
|
||||
tests: tests.o $(OBJS)
|
||||
|
20
bignum.h
20
bignum.h
@ -25,21 +25,7 @@
|
||||
#define __BIGNUM_H__
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
// use precomputed Inverse Values of powers of two
|
||||
#ifndef USE_PRECOMPUTED_IV
|
||||
#define USE_PRECOMPUTED_IV 1
|
||||
#endif
|
||||
|
||||
// use precomputed Curve Points (some scalar multiples of curve base point G)
|
||||
#ifndef USE_PRECOMPUTED_CP
|
||||
#define USE_PRECOMPUTED_CP 1
|
||||
#endif
|
||||
|
||||
// use fast inverse method
|
||||
#ifndef USE_INVERSE_FAST
|
||||
#define USE_INVERSE_FAST 1
|
||||
#endif
|
||||
#include "options.h"
|
||||
|
||||
// bignum256 are 256 bits stored as 8*30 bit + 1*16 bit
|
||||
// val[0] are lowest 30 bits, val[8] highest 16 bits
|
||||
@ -97,10 +83,6 @@ void bn_substract_noprime(const bignum256 *a, const bignum256 *b, bignum256 *res
|
||||
|
||||
void bn_divmod58(bignum256 *a, uint32_t *r);
|
||||
|
||||
#ifndef BN_PRINT
|
||||
#define BN_PRINT 0
|
||||
#endif
|
||||
|
||||
#if BN_PRINT
|
||||
void bn_print(const bignum256 *a);
|
||||
void bn_print_raw(const bignum256 *a);
|
||||
|
8
ecdsa.c
8
ecdsa.c
@ -459,12 +459,20 @@ int ecdsa_read_pubkey(const uint8_t *pub_key, curve_point *pub)
|
||||
if (pub_key[0] == 0x04) {
|
||||
bn_read_be(pub_key + 1, &(pub->x));
|
||||
bn_read_be(pub_key + 33, &(pub->y));
|
||||
#ifdef USE_PUBKEY_VALIDATE
|
||||
return ecdsa_validate_pubkey(pub);
|
||||
#else
|
||||
return 1;
|
||||
#endif
|
||||
}
|
||||
if (pub_key[0] == 0x02 || pub_key[0] == 0x03) { // compute missing y coords
|
||||
bn_read_be(pub_key + 1, &(pub->x));
|
||||
uncompress_coords(pub_key[0], &(pub->x), &(pub->y));
|
||||
#ifdef USE_PUBKEY_VALIDATE
|
||||
return ecdsa_validate_pubkey(pub);
|
||||
#else
|
||||
return 1;
|
||||
#endif
|
||||
}
|
||||
// error
|
||||
return 0;
|
||||
|
6
ecdsa.h
6
ecdsa.h
@ -25,13 +25,9 @@
|
||||
#define __ECDSA_H__
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#include "options.h"
|
||||
#include "secp256k1.h"
|
||||
|
||||
#ifndef USE_RFC6979
|
||||
#define USE_RFC6979 1
|
||||
#endif
|
||||
|
||||
void point_copy(const curve_point *cp1, curve_point *cp2);
|
||||
void point_add(const curve_point *cp1, curve_point *cp2);
|
||||
void point_double(curve_point *cp);
|
||||
|
56
options.h
Normal file
56
options.h
Normal file
@ -0,0 +1,56 @@
|
||||
/**
|
||||
* Copyright (c) 2013-2014 Pavol Rusnak
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining
|
||||
* a copy of this software and associated documentation files (the "Software"),
|
||||
* to deal in the Software without restriction, including without limitation
|
||||
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
|
||||
* and/or sell copies of the Software, and to permit persons to whom the
|
||||
* Software is furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included
|
||||
* in all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
||||
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
||||
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
|
||||
* OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
|
||||
* ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
|
||||
* OTHER DEALINGS IN THE SOFTWARE.
|
||||
*/
|
||||
|
||||
#ifndef __OPTIONS_H__
|
||||
#define __OPTIONS_H__
|
||||
|
||||
// use precomputed Inverse Values of powers of two
|
||||
#ifndef USE_PRECOMPUTED_IV
|
||||
#define USE_PRECOMPUTED_IV 1
|
||||
#endif
|
||||
|
||||
// use precomputed Curve Points (some scalar multiples of curve base point G)
|
||||
#ifndef USE_PRECOMPUTED_CP
|
||||
#define USE_PRECOMPUTED_CP 1
|
||||
#endif
|
||||
|
||||
// use fast inverse method
|
||||
#ifndef USE_INVERSE_FAST
|
||||
#define USE_INVERSE_FAST 1
|
||||
#endif
|
||||
|
||||
// support for printing bignum256 structures via printf
|
||||
#ifndef BN_PRINT
|
||||
#define BN_PRINT 0
|
||||
#endif
|
||||
|
||||
// use deterministic signatures
|
||||
#ifndef USE_RFC6979
|
||||
#define USE_RFC6979 1
|
||||
#endif
|
||||
|
||||
// check public key for validity
|
||||
#ifndef USE_PUBKEY_VALIDATE
|
||||
#define USE_PUBKEY_VALIDATE 1
|
||||
#endif
|
||||
|
||||
#endif
|
9
tests.c
9
tests.c
@ -34,6 +34,7 @@
|
||||
#include "ecdsa.h"
|
||||
#include "pbkdf2.h"
|
||||
#include "sha2.h"
|
||||
#include "options.h"
|
||||
|
||||
uint8_t *fromhex(const char *str)
|
||||
{
|
||||
@ -415,7 +416,7 @@ START_TEST(test_verify_speed)
|
||||
memcpy(pub_key33, fromhex("024054fd18aeb277aeedea01d3f3986ff4e5be18092a04339dcf4e524e2c0a0974"), 33);
|
||||
memcpy(pub_key65, fromhex("044054fd18aeb277aeedea01d3f3986ff4e5be18092a04339dcf4e524e2c0a09746c7083ed2097011b1223a17a644e81f59aa3de22dac119fd980b36a8ff29a244"), 65);
|
||||
|
||||
for (i = 0 ; i < 50; i++) {
|
||||
for (i = 0 ; i < 25; i++) {
|
||||
res = ecdsa_verify(pub_key65, sig, msg, sizeof(msg));
|
||||
ck_assert_int_eq(res, 0);
|
||||
res = ecdsa_verify(pub_key33, sig, msg, sizeof(msg));
|
||||
@ -426,14 +427,14 @@ START_TEST(test_verify_speed)
|
||||
memcpy(pub_key33, fromhex("03ff45a5561a76be930358457d113f25fac790794ec70317eff3b97d7080d45719"), 33);
|
||||
memcpy(pub_key65, fromhex("04ff45a5561a76be930358457d113f25fac790794ec70317eff3b97d7080d457196235193a15778062ddaa44aef7e6901b781763e52147f2504e268b2d572bf197"), 65);
|
||||
|
||||
for (i = 0 ; i < 50; i++) {
|
||||
for (i = 0 ; i < 25; i++) {
|
||||
res = ecdsa_verify(pub_key65, sig, msg, sizeof(msg));
|
||||
ck_assert_int_eq(res, 0);
|
||||
res = ecdsa_verify(pub_key33, sig, msg, sizeof(msg));
|
||||
ck_assert_int_eq(res, 0);
|
||||
}
|
||||
|
||||
printf("Verifying speed: %0.2f sig/s\n", 200.0f / ((float)(clock() - t) / CLOCKS_PER_SEC));
|
||||
printf("Verifying speed: %0.2f sig/s\n", 100.0f / ((float)(clock() - t) / CLOCKS_PER_SEC));
|
||||
}
|
||||
END_TEST
|
||||
|
||||
@ -886,6 +887,7 @@ START_TEST(test_pubkey_validity)
|
||||
res = ecdsa_read_pubkey(pub_key, &pub);
|
||||
ck_assert_int_eq(res, 1);
|
||||
|
||||
#ifdef USE_PUBKEY_VALIDATE
|
||||
memcpy(pub_key, fromhex("04f80490839af36d13701ec3f9eebdac901b51c362119d74553a3c537faff31b17e2a59ebddbdac9e87b816307a7ed5b826b8f40b92719086238e1bebf00000000"), 65);
|
||||
res = ecdsa_read_pubkey(pub_key, &pub);
|
||||
ck_assert_int_eq(res, 0);
|
||||
@ -893,6 +895,7 @@ START_TEST(test_pubkey_validity)
|
||||
memcpy(pub_key, fromhex("04f80490839af36d13701ec3f9eebdac901b51c362119d74553a3c537faff31b17e2a59ebddbdac9e87b816307a7ed5b8211111111111111111111111111111111"), 65);
|
||||
res = ecdsa_read_pubkey(pub_key, &pub);
|
||||
ck_assert_int_eq(res, 0);
|
||||
#endif
|
||||
|
||||
memcpy(pub_key, fromhex("00"), 1);
|
||||
res = ecdsa_read_pubkey(pub_key, &pub);
|
||||
|
Loading…
Reference in New Issue
Block a user