commit
de30ffbf9a
16
bip32.c
16
bip32.c
@ -36,16 +36,20 @@
|
|||||||
|
|
||||||
int hdnode_from_xpub(uint32_t depth, uint32_t fingerprint, uint32_t child_num, const uint8_t *chain_code, const uint8_t *public_key, const char* curve, HDNode *out)
|
int hdnode_from_xpub(uint32_t depth, uint32_t fingerprint, uint32_t child_num, const uint8_t *chain_code, const uint8_t *public_key, const char* curve, HDNode *out)
|
||||||
{
|
{
|
||||||
|
const ecdsa_curve *curve_info = get_curve_by_name(curve);
|
||||||
|
if (curve_info == 0) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
if (public_key[0] != 0x02 && public_key[0] != 0x03) { // invalid pubkey
|
if (public_key[0] != 0x02 && public_key[0] != 0x03) { // invalid pubkey
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
out->curve = curve_info;
|
||||||
out->depth = depth;
|
out->depth = depth;
|
||||||
out->fingerprint = fingerprint;
|
out->fingerprint = fingerprint;
|
||||||
out->child_num = child_num;
|
out->child_num = child_num;
|
||||||
memcpy(out->chain_code, chain_code, 32);
|
memcpy(out->chain_code, chain_code, 32);
|
||||||
MEMSET_BZERO(out->private_key, 32);
|
MEMSET_BZERO(out->private_key, 32);
|
||||||
memcpy(out->public_key, public_key, 33);
|
memcpy(out->public_key, public_key, 33);
|
||||||
out->curve = get_curve_by_name(curve);
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -53,10 +57,12 @@ int hdnode_from_xprv(uint32_t depth, uint32_t fingerprint, uint32_t child_num, c
|
|||||||
{
|
{
|
||||||
bignum256 a;
|
bignum256 a;
|
||||||
bn_read_be(private_key, &a);
|
bn_read_be(private_key, &a);
|
||||||
out->curve = get_curve_by_name(curve);
|
|
||||||
|
|
||||||
bool failed = false;
|
bool failed = false;
|
||||||
if (bn_is_zero(&a)) { // == 0
|
const ecdsa_curve *curve_info = get_curve_by_name(curve);
|
||||||
|
if (curve_info == 0) {
|
||||||
|
failed = true;
|
||||||
|
} else if (bn_is_zero(&a)) { // == 0
|
||||||
failed = true;
|
failed = true;
|
||||||
} else {
|
} else {
|
||||||
if (!bn_is_less(&a, &out->curve->order)) { // >= order
|
if (!bn_is_less(&a, &out->curve->order)) { // >= order
|
||||||
@ -69,6 +75,7 @@ int hdnode_from_xprv(uint32_t depth, uint32_t fingerprint, uint32_t child_num, c
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
out->curve = curve_info;
|
||||||
out->depth = depth;
|
out->depth = depth;
|
||||||
out->fingerprint = fingerprint;
|
out->fingerprint = fingerprint;
|
||||||
out->child_num = child_num;
|
out->child_num = child_num;
|
||||||
@ -86,6 +93,9 @@ int hdnode_from_seed(const uint8_t *seed, int seed_len, const char* curve, HDNod
|
|||||||
out->fingerprint = 0x00000000;
|
out->fingerprint = 0x00000000;
|
||||||
out->child_num = 0;
|
out->child_num = 0;
|
||||||
out->curve = get_curve_by_name(curve);
|
out->curve = get_curve_by_name(curve);
|
||||||
|
if (out->curve == 0) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
hmac_sha512((const uint8_t*) out->curve->bip32_name,
|
hmac_sha512((const uint8_t*) out->curve->bip32_name,
|
||||||
strlen(out->curve->bip32_name), seed, seed_len, I);
|
strlen(out->curve->bip32_name), seed, seed_len, I);
|
||||||
memcpy(out->private_key, I, 32);
|
memcpy(out->private_key, I, 32);
|
||||||
|
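Review bot: In hdnode_from_xprv the range check `if (!bn_is_less(&a, &out->curve->order))` still reads `out->curve`, but this change removes the early `out->curve = get_curve_by_name(curve);` and assigns `out->curve = curve_info;` only after validation has passed. On the new side the check therefore dereferences whatever the caller's HDNode held on entry, which may be uninitialized or a stale curve, so the private-key bound is compared against an indeterminate or wrong group order. Use the validated local instead: `if (!bn_is_less(&a, &curve_info->order)) { // >= order`. The function body spans two hunks and the lines between them are not shown, but they come after the dereference. Separately, hdnode_from_seed writes `out->fingerprint`, `out->child_num` and `out->curve` before the new `return 0`, so callers must check the result rather than use a partially filled node.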
28
tests.c
28
tests.c
@ -648,6 +648,33 @@ START_TEST(test_bip32_nist_compare)
|
|||||||
}
|
}
|
||||||
END_TEST
|
END_TEST
|
||||||
|
|
||||||
|
START_TEST(test_bip32_nist_invalid)
|
||||||
|
{
|
||||||
|
HDNode node, node2;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
// init m
|
||||||
|
hdnode_from_seed(fromhex("000102030405060708090a0b0c0d0e0f"), 16, NIST256P1_NAME, &node);
|
||||||
|
|
||||||
|
// [Chain m/28578']
|
||||||
|
r = hdnode_private_ckd_prime(&node, 28578);
|
||||||
|
ck_assert_int_eq(r, 1);
|
||||||
|
ck_assert_int_eq(node.fingerprint, 0xbe6105b5);
|
||||||
|
ck_assert_mem_eq(node.chain_code, fromhex("e94c8ebe30c2250a14713212f6449b20f3329105ea15b652ca5bdfc68f6c65c2"), 32);
|
||||||
|
ck_assert_mem_eq(node.private_key, fromhex("06f0db126f023755d0b8d86d4591718a5210dd8d024e3e14b6159d63f53aa669"), 32);
|
||||||
|
ck_assert_mem_eq(node.public_key, fromhex("02519b5554a4872e8c9c1c847115363051ec43e93400e030ba3c36b52a3e70a5b7"), 33);
|
||||||
|
|
||||||
|
memcpy(&node2, &node, sizeof(HDNode));
|
||||||
|
r = hdnode_private_ckd(&node2, 33941);
|
||||||
|
ck_assert_int_eq(r, 0);
|
||||||
|
|
||||||
|
memcpy(&node2, &node, sizeof(HDNode));
|
||||||
|
memset(&node2.private_key, 0, 32);
|
||||||
|
r = hdnode_public_ckd(&node2, 33941);
|
||||||
|
ck_assert_int_eq(r, 0);
|
||||||
|
}
|
||||||
|
END_TEST
|
||||||
|
|
||||||
#define test_deterministic(KEY, MSG, K) do { \
|
#define test_deterministic(KEY, MSG, K) do { \
|
||||||
sha256_Raw((uint8_t *)MSG, strlen(MSG), buf); \
|
sha256_Raw((uint8_t *)MSG, strlen(MSG), buf); \
|
||||||
res = generate_k_rfc6979(curve, &k, fromhex(KEY), buf); \
|
res = generate_k_rfc6979(curve, &k, fromhex(KEY), buf); \
|
||||||
@ -1569,6 +1596,7 @@ Suite *test_suite(void)
|
|||||||
tcase_add_test(tc, test_bip32_nist_vector_1);
|
tcase_add_test(tc, test_bip32_nist_vector_1);
|
||||||
tcase_add_test(tc, test_bip32_nist_vector_2);
|
tcase_add_test(tc, test_bip32_nist_vector_2);
|
||||||
tcase_add_test(tc, test_bip32_nist_compare);
|
tcase_add_test(tc, test_bip32_nist_compare);
|
||||||
|
tcase_add_test(tc, test_bip32_nist_invalid);
|
||||||
suite_add_tcase(s, tc);
|
suite_add_tcase(s, tc);
|
||||||
|
|
||||||
tc = tcase_create("rfc6979");
|
tc = tcase_create("rfc6979");
|
||||||
|
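Review bot: test_bip32_nist_invalid covers only failing child derivations, so the unknown-curve rejections this commit adds to hdnode_from_xpub, hdnode_from_xprv and hdnode_from_seed have no test. The "init m" call also discards the return value of hdnode_from_seed, even though that function can now fail. Capture and assert it, e.g. `r = hdnode_from_seed(fromhex("000102030405060708090a0b0c0d0e0f"), 16, NIST256P1_NAME, &node); ck_assert_int_eq(r, 1);`, assuming it returns 1 on success as hdnode_from_xpub does. Then add a negative case with a curve name that is not registered, such as `ck_assert_int_eq(hdnode_from_seed(fromhex("000102030405060708090a0b0c0d0e0f"), 16, "no-such-curve", &node), 0);`, where the name is a constructed placeholder. An equivalent hdnode_from_xprv case, called on an HDNode that has not been initialized, would also help expose any use of `out->curve` before it is assigned.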