arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-02-02 10:51:06 +00:00
Code Issues Releases Wiki Activity

Merge pull request #21 from jhoenicke/master

Browse Source 
Fix RFC6979 generation of k.
This commit is contained in:
Pavol Rusnak 2015-02-11 16:42:32 +01:00
commit f4fe7c9aa5
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ecdsa.c
View File

@ -256,7 +256,7 @@ int generate_k_random(bignum256 *k) {
int generate_k_rfc6979(bignum256 *secret, const uint8_t *priv_key, const uint8_t *hash)
{
int i;
uint8_t v[32], k[32], bx[2*32], buf[32 + 1 + sizeof(bx)], t[32];
uint8_t v[32], k[32], bx[2*32], buf[32 + 1 + sizeof(bx)];
bignum256 z1;
memcpy(bx, priv_key, 32);
@ -280,8 +280,8 @@ int generate_k_rfc6979(bignum256 *secret, const uint8_t *priv_key, const uint8_t
hmac_sha256(k, sizeof(k), v, sizeof(k), v);
for (i = 0; i < 10000; i++) {
hmac_sha256(k, sizeof(k), v, sizeof(v), t);
bn_read_be(t, secret);
hmac_sha256(k, sizeof(k), v, sizeof(v), v);
bn_read_be(v, secret);
if ( !bn_is_zero(secret) && bn_is_less(secret, &order256k1) ) {
return 0; // good number -> no error
}