mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-18 11:21:11 +00:00

refactor ECDH multiplication into ecdh_multiply function

Pavol Rusnak 2016-10-21 18:19:01 +02:00
parent ca4057aca0
commit cf21bb2fbf
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
3 changed files with 22 additions and 12 deletions

13
bip32.c

@ -470,20 +470,9 @@ int hdnode_get_shared_key(const HDNode *node, const uint8_t *peer_public_key, ui
*result_size = 33;
return 0;
} else {
curve_point point;
const ecdsa_curve *curve = node->curve->params;
if (!ecdsa_read_pubkey(curve, peer_public_key, &point)) {
if (!ecdh_multiply(node->curve->params, node->private_key, peer_public_key, session_key)) {
return 1;
}
bignum256 k;
bn_read_be(node->private_key, &k);
point_multiply(curve, &k, &point, &point);
MEMSET_BZERO(&k, sizeof(k));
session_key[0] = 0x04;
bn_write_be(&point.x, session_key + 1);
bn_write_be(&point.y, session_key + 33);
MEMSET_BZERO(&point, sizeof(point));
*result_size = 65;
return 0;
}
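Review bot: The new check `if (!ecdh_multiply(node->curve->params, node->private_key, peer_public_key, session_key)) {` in the else branch is inverted relative to the return convention of ecdh_multiply as this same commit adds it in ecdsa.c, which returns 1 when ecdsa_read_pubkey rejects the peer key and 0 on success. As written, a valid peer key makes hdnode_get_shared_key return 1, while a rejected key falls through to `*result_size = 65; return 0;` with session_key never written, so the caller would treat whatever was already in the buffer as the shared secret. The condition should be `if (ecdh_multiply(node->curve->params, node->private_key, peer_public_key, session_key) != 0) {`. hdnode_get_shared_key starts before this hunk, so its other branches are not visible here.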

20
ecdsa.c

@ -629,6 +629,26 @@ void scalar_multiply(const ecdsa_curve *curve, const bignum256 *k, curve_point *
#endif
int ecdh_multiply(const ecdsa_curve *curve, const uint8_t *priv_key, const uint8_t *pub_key, uint8_t *session_key)
{
curve_point point;
if (!ecdsa_read_pubkey(curve, pub_key, &point)) {
return 1;
}
bignum256 k;
bn_read_be(priv_key, &k);
point_multiply(curve, &k, &point, &point);
MEMSET_BZERO(&k, sizeof(k));
session_key[0] = 0x04;
bn_write_be(&point.x, session_key + 1);
bn_write_be(&point.y, session_key + 33);
MEMSET_BZERO(&point, sizeof(point));
return 0;
}
// generate random K for signing
void generate_k_random(bignum256 *k) {
int i;
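Review bot: ecdh_multiply is added without a comment stating its contract, and the contract is easy to misread: it returns 0 on success and 1 on failure, the opposite of the ecdsa_read_pubkey call inside it, whose zero result is the failure case. It also writes a fixed-layout uncompressed point (a 0x04 prefix at offset 0, x at offset 1, y at offset 33) without taking a buffer length, so the caller must supply at least 65 bytes, assuming bn_write_be emits 32 bytes per coordinate. I would add above the definition `// ECDH: session_key = 0x04 || x || y of priv_key * pub_key; session_key must hold 65 bytes` and `// returns 0 on success, 1 if ecdsa_read_pubkey rejects pub_key`. The same comment belongs on the prototype this commit adds next to scalar_multiply.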


@ -67,6 +67,7 @@ int point_is_infinity(const curve_point *p);
int point_is_equal(const curve_point *p, const curve_point *q);
int point_is_negative_of(const curve_point *p, const curve_point *q);
void scalar_multiply(const ecdsa_curve *curve, const bignum256 *k, curve_point *res);
int ecdh_multiply(const ecdsa_curve *curve, const uint8_t *priv_key, const uint8_t *pub_key, uint8_t *session_key);
void uncompress_coords(const ecdsa_curve *curve, uint8_t odd, const bignum256 *x, bignum256 *y);
int ecdsa_uncompress_pubkey(const ecdsa_curve *curve, const uint8_t *pub_key, uint8_t *uncompressed);