Pavol Rusnak
9a8e982153
implement bip39 cache
2016-01-19 15:11:57 +01:00
251
1d7fb4e38f
Fixes a bug in the test_pbkdf2_hmac_sha256 test.
...
This bug fix sets the length of the derived key in the last test_pbkdf2_hmac_sha256 test to 40 bytes to fix a buffer overflow, which is caused by the call to the pbkdf2_hmac_sha256 function, on the memory reserved by the local variable k.
2015-09-21 23:51:10 +02:00
Jochen Hoenicke
e1347fcdf8
New Unit Tests
...
- Added unit tests for the NIST curve.
- Fix some missing bn_mod in unit tests.
- New tests for tricky 2 (2j+1) 2^{4i} exponents.
2015-08-05 21:42:40 +02:00
Jochen Hoenicke
6ba4d288b0
Cleaned up bignum code
...
1. Fixed bn_multiply_step to handle small primes.
2. Removed many calls to bn_mod to prevent side-channel leakage.
2015-08-05 19:36:30 +02:00
Roman Zeyde
0164137786
tests: fix signedness error
2015-07-29 21:49:00 +03:00
Roman Zeyde
7c58fc11a4
Add support for NIST256P1 elliptic curve
...
This enables SSH ECDSA public key authentication.
2015-06-26 10:33:14 +03:00
Pavol Rusnak
00954da5fe
fix /dev/urandom problem
2015-05-04 19:53:06 +02:00
Pavol Rusnak
21d0bb437a
cleanup coding style
2015-04-13 18:19:33 +02:00
Pavol Rusnak
f1b8f55d92
use curly braces in if block
2015-04-11 20:01:45 +02:00
Jochen Hoenicke
c90f79bce2
Added new tests for point multiplication
2015-04-11 13:12:03 +02:00
Jochen Hoenicke
1700caf2ad
scalar_mult based on Jacobian representation
...
This version of scalar_mult should be faster and much better
against side-channel attacks. Except bn_inverse and bn_mod
all functions are constant time. bn_inverse is only used
in the last step and its input is randomized. The function
bn_mod is only taking extra time in 2^32/2^256 cases, so
in practise it should not occur at all. The input to bn_mod
is also depending on the random value.
There is secret dependent array access in scalar_multiply,
so cache may be an issue.
2015-03-17 19:18:34 +01:00
Pavol Rusnak
cb9ccc5cf4
remove all references to USE_PUBKEY_VALIDATE
2015-03-12 15:53:41 +01:00
Pavol Rusnak
92ab7504b2
add one more bip32_cache test
2015-03-04 15:43:14 +01:00
Pavol Rusnak
f4e6010e18
implement BIP32 cache
2015-01-26 19:10:19 +01:00
Dustin Laurence
1c672dca2b
Remove now-redundant embedded header
2015-01-25 08:49:52 -08:00
Pavol Rusnak
89a7d7797b
replace base58 implementation
2014-12-23 03:11:58 +01:00
Pavol Rusnak
b4cdba8489
export pby from ecdsa_sign functions
2014-12-08 21:08:49 +01:00
Pavol Rusnak
f6560c7d13
split pbkdf2 into pbkdf2_hmac_sha256 and pbkdf2_hmac_sha512
2014-10-30 01:35:13 +01:00
Dustin Laurence
e0b083a0b0
Make CMakeLists.txt build tests
2014-07-16 13:41:29 -05:00
Pavol Rusnak
bb73936959
use more warnings from trezor-mcu
2014-07-07 21:34:54 +02:00
Pavol Rusnak
0fe1857513
normalize y^2 in pubkey validation
...
fix last commit
2014-07-07 21:11:25 +02:00
Pavol Rusnak
b9d5896174
make pubkey validation optional, extract options to separate header
2014-07-07 20:14:36 +02:00
Ondrej Mikle
02048f88b5
Tests for public key validity check.
2014-07-07 15:13:36 +02:00
Pavol Rusnak
eec5f7df15
fix bug in unoptimized branch of code
2014-07-03 10:16:19 +02:00
Pavol Rusnak
b16e36f10e
rename aes_ctr_counter_inc to aes_ctr_cbuf_inc and move it to aes_modes.c
2014-06-07 14:16:27 +02:00
Pavol Rusnak
99900eb323
update AES code to support different modes of operation, add unittests
2014-06-07 13:38:56 +02:00
Pavol Rusnak
5e9cd15527
use new base58 code for address functions, add function for obtaining wif
2014-05-22 22:29:53 +02:00
Pavol Rusnak
612f5ab050
fix copyright headers
2014-05-22 20:54:58 +02:00
Pavol Rusnak
c1140e071e
added deserialization
2014-05-21 00:22:48 +02:00
Pavol Rusnak
44116b8a74
make serialize api more friendly
2014-05-15 19:35:28 +02:00
Pavol Rusnak
c08bbfa58e
fix last commit
2014-05-15 18:50:28 +02:00
Pavol Rusnak
c1dc507189
add hdnode serialization function
2014-05-15 17:36:23 +02:00
Pavol Rusnak
94d4a3733e
fix typos
2014-04-11 15:33:29 +02:00
Pavol Rusnak
e827517591
add mnemonic_check function
2014-03-12 20:45:51 +01:00
Pavol Rusnak
393c298c35
add progress_callback to mnemonic/pbkdf2 functions
2014-03-11 20:14:06 +01:00
Pavol Rusnak
d5e1ff8be8
remove version_byte and address from bip32
2014-02-21 22:51:49 +01:00
Pavol Rusnak
8c47b572df
new test to compare private and public branch of bip32
2014-02-21 20:30:22 +01:00
Pavol Rusnak
18dea22213
get rid of bip32 versions, it's a mess :(
2014-02-21 19:41:33 +01:00
Pavol Rusnak
d0e152a088
replace SHA256/SHA512 prefix with sha256/sha512 (OpenSSL clash)
2014-02-19 21:26:42 +01:00
Pavol Rusnak
1034b28f90
use both private and public bip32 versions
2014-02-19 16:58:48 +01:00
Pavol Rusnak
50fb43127f
use -Wextra
2014-02-08 19:12:07 +01:00
Pavol Rusnak
d433bcfa10
fix ecdsa_sig_to_der
2014-02-08 15:55:03 +01:00
Pavol Rusnak
81f462a5c5
add ecdsa_sig_to_der
2014-02-02 22:01:43 +01:00
Pavol Rusnak
a40a077613
rework ecdsa_address_to_hash160 into ecdsa_address_decode
2014-01-31 15:26:51 +01:00
Pavol Rusnak
2e4ec7fe0a
introduce ecdsa_address_to_hash160
2014-01-30 20:34:05 +01:00
Pavol Rusnak
7dc057c903
add testcases for address generation
...
fix bug for version != 0
process uncompressed pubkeys as well
2014-01-27 19:57:44 +01:00
Pavol Rusnak
c0ee25c851
don't use implicit versions in bip32
2014-01-21 18:38:44 +01:00
Pavol Rusnak
8764a03453
compute fingerprints
2014-01-14 15:29:46 +01:00
Pavol Rusnak
ed7e2e5058
implement public child key derivation
2014-01-14 14:35:13 +01:00
Pavol Rusnak
3589cf5cbf
use 4096 pbkdf2 rounds for bip39
2013-12-10 16:24:51 +01:00
Pavol Rusnak
352bc42be2
use PBKDF2 for BIP39, add unit tests
2013-12-09 16:25:03 +01:00
Pavol Rusnak
6b66f29c3b
use fixed block size (128-bit) for AES again
2013-11-28 00:52:39 +01:00
Pavol Rusnak
6939275362
use TREZOR as passphrase to check protection
2013-11-25 23:06:02 +01:00
Pavol Rusnak
1c9046b66d
reworked bip39 including tests
2013-11-25 22:46:54 +01:00
Pavol Rusnak
150c770e4e
xprvnode -> hdnode, add hdnode_from_pub function
2013-11-25 15:37:49 +01:00
Pavol Rusnak
b14ce58df7
rename xprv struct to XprvNode
2013-11-08 12:44:11 +01:00
Pavol Rusnak
42da580ce8
bip39 implementation with unit tests
2013-11-08 02:02:16 +01:00
Pavol Rusnak
9308fddb7f
replace blowfish with rijndael
2013-10-10 14:58:59 +02:00
Pavol Rusnak
69a88a28a8
simplify rfc6979 tests
2013-10-08 22:59:36 +02:00
Pavol Rusnak
0fc4ad0976
move declaration
2013-10-08 21:07:53 +02:00
Pavol Rusnak
99565b3130
fix blowfish. add unit tests for blowfish
2013-10-08 16:59:14 +02:00
Pavol Rusnak
47cb0fefce
renamed to trezor-crypto, modified readme
2013-10-08 14:18:35 +02:00
Pavol Rusnak
9205c0d952
use canonical signatures (if S > Order/2: S = Order - S)
2013-10-08 14:06:48 +02:00
Pavol Rusnak
7e41c2a568
add blowfish algo with tests
2013-10-07 21:48:32 +02:00
Pavol Rusnak
e19f7cd2e5
add more rfc6979 test vectors by fpgaminer
2013-10-01 16:45:26 +02:00
Pavol Rusnak
71ff1c5124
replace infinite loops with loops with counters
2013-09-27 15:55:55 +02:00
Pavol Rusnak
f4f246f3d7
optimize computations
2013-09-27 15:42:52 +02:00
Pavol Rusnak
74a5b04b81
verify now supports compressed keys
2013-09-24 18:48:46 +02:00
Pavol Rusnak
896905c5c8
remove der encoding, introduce 33/65 bytes pubkeys, 64 bytes signature
2013-09-23 21:13:44 +02:00
Pavol Rusnak
58a65d9cd7
move speed tests to unit testing suite
2013-09-22 15:05:59 +02:00
Pavol Rusnak
2df62d4877
use unit tests via Check instead of small test programs
2013-09-21 17:41:02 +02:00