1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-12 01:18:14 +00:00
Commit Graph

92 Commits

Author SHA1 Message Date
Pavol Rusnak
b679a6b2a7
rename hasher_multisig to hasher_script 2018-09-05 19:53:35 +02:00
Pavol Rusnak
f9caee2489
introduce hasher_multisig to curve_info 2018-09-05 18:30:51 +02:00
Pavol Rusnak
0d215161dc
refactor cardano internal scalar functions 2018-09-05 12:59:37 +02:00
Pavol Rusnak
e929313f53
small changes to cardano due to last commit 2018-09-05 12:16:23 +02:00
Dušan Plavák
d2bc03fb59 replace cardano with v2 (#179) 2018-09-05 12:08:36 +02:00
leoreinaux
1863045da4 add smartcash curve (#176) 2018-08-30 12:02:42 +02:00
Pavol Rusnak
5d62454c6a
refactor hashers, introduce HASHER_SHA2_RIPEMD160 2018-08-01 15:03:43 +02:00
Pavol Rusnak
ff001a0f12
bip32: drop ugly decitoa 2018-07-10 20:21:18 +02:00
Pavol Rusnak
1730601d30
refactor mnemonic_check and mnemonic_to_entropy, style changes 2018-07-10 20:04:41 +02:00
jmuravsky
18b109e2bd Add Cardano currency support 2018-07-10 19:09:21 +02:00
Yura Pakhuchiy
e7281cf9f5 Add GRS curve 2018-04-23 16:15:59 +02:00
Peter D. Gray
b0af159096 bip32, options: optionally exclude 25519 curves in BIP32 support 2018-04-03 18:43:06 +02:00
Tomas Susanka
877998fa1a bip32/nem: IV is copied before encryption 2018-04-03 18:29:03 +02:00
Saleem Rashid
c70e440128 hasher: Replace hasher_Double with HASHER_*D
This allows us to finely control when to use a single hash or a double hash in
various places. For example, Bitcoin signatures use double SHA256, but Decred
signatures use a single BLAKE256. However, both use double hashes for Base58.
2018-04-03 18:28:06 +02:00
Jochen Hoenicke
009850f6c9 Fixed undefined behavior
This fixes a shift by 32 and shifts on signed integer that overflow.
2018-03-27 15:04:55 +02:00
Pavol Rusnak
bb4c3d0525
introduce and use memzero instead of explicit_bzero 2018-01-18 15:18:09 +01:00
Pavol Rusnak
b7f73ee3ff
use explicit_bzero 2018-01-16 19:41:27 +01:00
Peter D. Gray
cb8c910a0c Makefile: simplify include path, move subdirs to where used in C files 2018-01-13 14:51:51 +01:00
Saleem Rashid
764cc4c6e8 bip32: Add secp256k1-decred 2017-12-10 20:07:13 +01:00
Saleem Rashid
136c62e970 bip32: Add curve to hdnode_deserialize 2017-12-10 20:07:13 +01:00
Saleem Rashid
b41a51805f Use hasher_Raw instead of sha256_Raw 2017-12-10 20:07:13 +01:00
Saleem Rashid
ce0f3919e3 bip32: Add hdnode_nem_{en,de}crypt 2017-09-02 01:39:09 +02:00
Saleem Rashid
abda0f6504 bip32: Add hdnode_nem_get_shared_key 2017-09-02 01:39:09 +02:00
Saleem Rashid
8edc0c58d3 bip32: Add hdnode_get_nem_address 2017-09-02 01:39:09 +02:00
Jochen Hoenicke
9dfc6a4477
introduce confidential macro, mark confidential items 2017-08-16 13:38:49 +02:00
Saleem Rashid
dfdb4d2d76 bip32: Fix NULL dereference for EdDSA 2017-07-25 18:33:57 +02:00
Pavol Rusnak
af06a997cb
refactor ecdsa_get_address_segwit_p2sh{,_raw} 2017-07-25 17:59:26 +02:00
Pavol Rusnak
c950342063
refactor hdnode_public_ckd_address_optimized 2017-07-24 22:57:20 +02:00
Saleem Rashid
accae3e7d1
bip32: Add ed25519-sha3 & ed25519-keccak 2017-06-05 16:34:52 +02:00
Saleem Rashid
4cb090169c
curves: Add ed25519-sha3 & ed25519-keccak 2017-06-05 16:34:51 +02:00
Pavol Rusnak
671dad42df
whitespace in bip32.[ch], formatting in readme 2017-05-08 15:27:20 +02:00
Peter Banik
aaf45d704e
introduce version attributes to hdnode_serialize_public/private and hdnode_deserialize functions 2017-04-21 13:42:58 +02:00
Karel Bilek
08545a15e7 Experiment - generating segwit addresses 2017-04-11 16:59:29 +02:00
Jochen Hoenicke
aa16b53bba Refactored duplicated code (#84)
Changed signature of public_ckd_address_optimized to not include the
compressed public_key (uncompressed is in pub).
2017-03-30 17:38:49 +02:00
Pavol Rusnak
fdf1b6dc6d
remove duplicite curve25519 scalarmult implementations 2017-03-28 23:05:59 +02:00
Pavol Rusnak
4669c3db4c
more merging of curve25519 into ed25519 2017-03-28 19:48:36 +02:00
Pavol Rusnak
b55473a01e
add fingerprint output parameter to hdnode_private_ckd_cached function 2016-12-12 12:07:33 +01:00
Jochen Hoenicke
e855c60529 Use bn_add instead of bn_addmod (#80)
The bip32 private key derivation used bn_addmod to handle
wrap around.  This was never sufficient as bn_addmod uses only
bn_fast_mod, so an additional bn_mod is necessary.  The bn_fast_mod
helped when bn_mod was not side-channel safe.  Now that bn_mod uses
constant time code, we can get rid of the unnecessary bn_fast_mod
step and use bn_add instead of bn_addmod.
2016-11-05 21:21:48 +01:00
Pavol Rusnak
0abc61f672
use curve25519-donna from floodyberry 2016-10-24 20:51:57 +02:00
Roman Zeyde
228f9425d1 Fix small typo in return value checking (#75) 2016-10-22 00:26:29 +02:00
Pavol Rusnak
cf21bb2fbf
refactor ECDH multiplication into ecdh_multiply function 2016-10-21 18:19:01 +02:00
Pavol Rusnak
ed755120af
fix broken test_speed 2016-10-16 02:26:16 +02:00
Pavol Rusnak
707c869fb9 Merge pull request #74 from romanz/curve25519
Add support for Curve25519-based ECDH
2016-10-16 01:28:45 +02:00
Roman Zeyde
906c543ebc Implement ECDH with Curve25519 at BIP32 module 2016-10-14 23:36:19 +03:00
Jan Pochyla
f45bcc65f2 bip32: deserialize the fingerprint 2016-10-14 14:44:05 +02:00
Pavol Rusnak
4fb15a13d8
add hdnode_get_address 2016-10-08 18:18:32 +02:00
Pavol Rusnak
d10ec230c0
add support for multibyte address versions 2016-10-08 17:56:12 +02:00
Jochen Hoenicke
133c068f37 Reworked rfc6979 signing. (#72)
This adds an is_canonic parameter to all sign functions.  This is a
callback that determines if a signature corresponds to some coin
specific rules.  It is used, e. g., by ethereum (where the recovery
byte must be 0 or 1, and not 2 or 3) and or steem signatures (which
require both r and s to be between 2^248 and 2^255).

This also separates the initialization and the step function of the
random number generator, making it easy to restart the signature
process with the next random number.
2016-10-06 16:54:07 +02:00
Jan Pochyla
00413c0b6e bip32: serialization returns nu. of written bytes 2016-10-06 12:36:23 +02:00
Jochen Hoenicke
f4ed55377d Moved get_ethereum_address from ecdsa to bip32
The new name of the function is `hdnode_get_ethereum_address`
and it gets a hdnode as input as opposed to a public key.  This
also avoids first computing the compressed public key and then
uncompressing it.

Test cases were adapted to work with new function.  The test-vectors
are the same as for bip32 and independently checked with an adhoc
python implementation.
2016-08-18 16:21:33 +02:00