Pavol Rusnak
4dba3ca38a
cleanup
2017-04-11 17:12:30 +02:00
Karel Bilek
078b387399
Build trezor-crypto
2017-04-11 16:59:29 +02:00
Karel Bilek
d01aa69c26
Read segwit from input
2017-04-11 16:59:29 +02:00
Karel Bilek
0094706e0e
Adding segwit test vector
2017-04-11 16:59:29 +02:00
Karel Bilek
6089167f65
Fixing C test of optimized bip32
2017-04-11 16:59:29 +02:00
Karel Bilek
08545a15e7
Experiment - generating segwit addresses
2017-04-11 16:59:29 +02:00
Karel Bilek
81c61ba5a4
Adding emscripten tests
2017-04-11 16:59:29 +02:00
Pavol Rusnak
e15a7bc986
add extra test for rfc6979 from the paper
2017-04-03 21:19:19 +02:00
Pavol Rusnak
a820a5601b
split rfc6979 from ecdsa into separate module
2017-04-03 20:58:53 +02:00
Pavol Rusnak
3d04064384
don't skip const if not using gcc
2017-04-02 02:54:46 +02:00
Pavol Rusnak
a8aacac6be
ecdsa: rand -> rnd
2017-04-02 02:52:50 +02:00
Pavol Rusnak
900f4b0756
build: don't use const for ed25519/cosi if gcc<5
2017-04-02 02:51:09 +02:00
Pavol Rusnak
b666039f66
ed25519_cosi: small changes to code style
2017-04-02 01:28:18 +02:00
Jochen Hoenicke
d3d88591d0
Added co-signing for ed25519.
2017-04-02 01:18:03 +02:00
Pavol Rusnak
12af9b262b
build: switch to gcc-5 (in travis)
2017-04-02 01:13:50 +02:00
Pavol Rusnak
a46c372969
build: use trusty in travis
2017-04-02 00:01:07 +02:00
Pavol Rusnak
6d236cf5a1
fix typo in readme
2017-03-31 01:36:29 +02:00
Pavol Rusnak
36f099fe62
update emscripten stuff
2017-03-30 17:53:09 +02:00
Jochen Hoenicke
aa16b53bba
Refactored duplicated code ( #84 )
...
Changed signature of public_ckd_address_optimized to not include the
compressed public_key (uncompressed is in pub).
2017-03-30 17:38:49 +02:00
Pavol Rusnak
323d6b023a
fix build
2017-03-30 15:07:29 +02:00
Pavol Rusnak
c200ce121a
introduce ED25519_NO_PRECOMP flag to optimize ed25519 verify size
2017-03-29 00:18:56 +02:00
Pavol Rusnak
df2524e35b
add changes to cmake/qmake builds
2017-03-28 23:18:55 +02:00
Pavol Rusnak
fdf1b6dc6d
remove duplicite curve25519 scalarmult implementations
2017-03-28 23:05:59 +02:00
Pavol Rusnak
1d232a6f86
whitespace cleanup
2017-03-28 22:52:02 +02:00
Pavol Rusnak
b1bee409e7
ed22519: remove more unused stuff, don't inline
2017-03-28 20:26:43 +02:00
Pavol Rusnak
4669c3db4c
more merging of curve25519 into ed25519
2017-03-28 19:48:36 +02:00
Pavol Rusnak
8cc6539d2d
remove unused functions
2017-03-28 19:20:40 +02:00
Pavol Rusnak
092d8e7bf1
merge curve25519 into ed25519, code reuse
2017-03-28 18:53:09 +02:00
Pavol Rusnak
397a13f654
simplify ed25519 code
2017-03-28 18:32:58 +02:00
Pavol Rusnak
cb471ba2ec
upgrade ed25519 to forthy42 fork
2017-03-28 18:01:42 +02:00
Pavol Rusnak
87c920a7e7
use BLOCK_LENGTH and DIGEST_LENGTH across all hash functions
2017-03-20 20:20:14 +01:00
Pavol Rusnak
27807fd367
blake: add compat macros
2017-03-20 19:19:24 +01:00
Pavol Rusnak
9a2310fc53
add Blake2b
2017-02-28 18:14:54 +01:00
Pavol Rusnak
3d364aac36
we don't use OPTIMIZED_IV anywhere anymore
2017-01-11 15:33:46 +01:00
Pavol Rusnak
3b97a8b34c
Merge pull request #83 from jhoenicke/master
...
Removed duplicated code for multi-byte prefixes
2017-01-04 15:29:48 +01:00
Jochen Hoenicke
1fb56e3466
Test cases for multibyte address prefixes
2017-01-04 15:16:55 +01:00
Jochen Hoenicke
9443aefa9a
Multi-byte prefix cleanup
...
use the functions from address.c in ecdsa.c to avoid duplicated code.
2017-01-04 15:16:55 +01:00
Pavol Rusnak
b55473a01e
add fingerprint output parameter to hdnode_private_ckd_cached function
2016-12-12 12:07:33 +01:00
Saleem Rashid
6aac03d2d8
CMakeLists: Allow use as a library ( #82 )
...
This allows TrezorCrypto to be linked with by other CMake projects
2016-11-16 22:58:12 +01:00
Jan Pochyla
20bb7e9b5c
sha1: fix context zeroing
2016-11-06 16:02:10 +01:00
Jochen Hoenicke
949220ac0b
Protect signing against side-channel attack ( #81 )
...
Signing uses the bn_inverse function that is prone to side-channel
attacks. We randomize its argument by multiplying it with a random
non-zero number. At the end we multiply again by the same number to
cancel it out.
Changed get_k_random to take the prime range as a second argument and
to return a non-zero number. This function was previously only used
for (non-rfc6979) signing and is now used for side-channel protection.
2016-11-06 15:20:07 +01:00
Pavol Rusnak
e68267e04b
undef ALIGN macro in curve25519
2016-11-06 15:16:09 +01:00
Pavol Rusnak
bb61fb75d8
segwit address sizes
2016-11-05 22:27:10 +01:00
Jochen Hoenicke
e855c60529
Use bn_add instead of bn_addmod ( #80 )
...
The bip32 private key derivation used bn_addmod to handle
wrap around. This was never sufficient as bn_addmod uses only
bn_fast_mod, so an additional bn_mod is necessary. The bn_fast_mod
helped when bn_mod was not side-channel safe. Now that bn_mod uses
constant time code, we can get rid of the unnecessary bn_fast_mod
step and use bn_add instead of bn_addmod.
2016-11-05 21:21:48 +01:00
Saleem Rashid
19efbeef8d
sha2: add sha1_Raw
2016-11-05 15:14:37 +01:00
Saleem Rashid
d812c7209f
sha2: import SHA1 implementation
2016-11-05 15:14:37 +01:00
Saleem Rashid
0acfb2cf28
tests: add SHA1 test
2016-11-05 15:14:37 +01:00
Saleem Rashid
1b79c93bbc
sha2: NIST FIPS 180-2 naming conventions
2016-11-05 15:14:37 +01:00
Pavol Rusnak
a91e005633
extract block size and digest size as macros in ripemd160
2016-11-01 16:32:44 +01:00
Pavol Rusnak
f4e4c29356
add blake2s, add unittests for blake2s and sha3
2016-11-01 16:22:20 +01:00