Ondřej Vejpustek
4a686d9231
feat(crypto): introduce bn_read_be_512
2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
93bb4c2e35
feat(crypto): introduce bn_reduce and bn_copy_lower
2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
2b00c72094
refactor(crypto): introduce bignum512
2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
3a2bdf16dd
feat(crypto): implement Legendre symbol
2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
5a9d399012
test(crypto): use P-256 prime in test_bignum.py
2023-09-27 14:04:45 +02:00
Andrew Kozlik
2b97a5bac0
test(crypto): Add SHA-384 test vectors.
2023-08-29 10:59:34 +02:00
Andrew Kozlik
91ef616b56
feat(crypto): Implement sha384_Raw().
2023-08-29 10:59:34 +02:00
Andrew Kozlik
b8adcf35fe
test(crypto): Add test vectors for TLS PRF with SHA-256.
2023-08-29 10:59:34 +02:00
Andrew Kozlik
9949f0d88a
feat(crypto): Implement TLS PRF with SHA-256.
2023-08-29 10:59:34 +02:00
Andrew Kozlik
f540bab5b8
test(crypto): Add AES-CCM test vectors.
2023-08-29 10:59:34 +02:00
Andrew Kozlik
4accf76954
feat(crypto): Implement AES-CCM.
2023-08-29 10:59:34 +02:00
Andrew Kozlik
c3f6e8f19f
feat(crypto): Support is_canonical parameter in zkp_ecdsa_sign_digest().
2023-06-21 08:36:20 +02:00
Andrew Kozlik
21f4aec8de
refactor: Unify secp256k1_zkp usage.
...
[no changelog]
2023-06-21 08:36:20 +02:00
grdddj
8ee4c41938
chore(crypto): refactor slip39 same way as bip39
2023-05-11 21:02:21 +02:00
Martin Milata
56491a0530
test(crypto): use newer OpenSSL API
...
[no changelog]
2023-04-19 13:05:03 +02:00
Ondrej Mikle
4d0381055c
fix(crypto): adapt to changing insecure PRNG to be opt-in
2023-03-22 10:21:21 +01:00
Ondrej Mikle
a5f7c19f7e
fix(core/bootloader): do not use insecure LCG PRNG. Change insecure PRNG to be opt-in, not opt-out
2023-03-22 10:21:21 +01:00
Christian Reitter
e2416bcec2
feat(crypto): improve return code handling, clean up the code and extend documentation
2023-03-02 17:27:33 +01:00
Andrew Kozlik
d815a7d6de
chore(core): Use C implementation of Bech32 decode.
2022-10-17 15:20:46 +02:00
Christian Reitter
cd32a4f50e
feat(crypto): correct formatting
2022-10-04 16:46:33 +02:00
Christian Reitter
31eb8e276b
feat(crypto): fix issues flagged by GCC
2022-10-04 16:46:33 +02:00
Christian Reitter
6fa1b7131b
feat(crypto): avoid memory resource leaks, remove unused variables and dead stores
2022-10-04 16:46:33 +02:00
Christian Reitter
d2737308c4
feat(crypto): remove -Wstrict-prototypes issues in zkp_context.c
2022-10-04 16:46:33 +02:00
Christian Reitter
61d93d0539
feat(crypto): avoid memory resource leaks, optimize error path
2022-10-04 16:46:33 +02:00
Christian Reitter
f1870102d2
feat(crypto): add targets and improve trezor-crypto fuzzer
2022-10-04 16:46:33 +02:00
Christian Reitter
5fe7d50232
feat(crypto): use macro for check pattern
2022-10-04 16:46:33 +02:00
Christian Reitter
d069b2955e
feat(crypto): improve trezor-crypto fuzzer
2022-10-04 16:46:33 +02:00
Christian Reitter
b56e848eaa
feat(crypto): mark uninteresting fuzzer inputs
2022-10-04 16:46:33 +02:00
Christian Reitter
e8d24290ad
feat(crypto): add fuzzing targets and improve documentation
2022-10-04 16:46:33 +02:00
Christian Reitter
1b04c801de
feat(crypto): improve trezor-crypto fuzzer
...
start using heap-based allocations for more precise ASAN checks
2022-10-04 16:46:33 +02:00
Dusan Klinec
90771ebb59
fix(xmr): fix tx sending to an integrated address
2022-09-30 13:47:06 +02:00
Pavol Rusnak
c962d3520b
Merge branch 'release/22.08'
2022-08-22 11:10:45 +02:00
Pavol Rusnak
cba74272e1
chore(crypto): remove graphene base58 functions as they are not used anywhere
...
[no changelog]
2022-08-08 12:02:01 +02:00
Andrew Kozlik
fa5e7feda6
fix(crypto): Fix nonce bias in CoSi signing.
2022-08-02 20:38:04 +02:00
matejcik
fcd43b93ac
feat(crypto): add thousands separator to bn_format
2022-08-02 20:35:49 +02:00
Andrew Kozlik
d19af9896b
refactor(crypto): Apply formatting to Monero code.
2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
e0358c7f24
fix(crypto): fix required output length in xmr_base58_encode()
2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
7a5cfbae19
fix(crypto): set output length correctly in xmr_base58_encode()
2022-07-14 15:47:54 +02:00
Andrew Kozlik
81c9cd66ef
fix(crypto): Set output length correctly in xmr_base58_decode().
2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
f4d0dd9807
fix(crypto): initialize local variables to zero in ed25519-dona
2022-07-08 16:01:18 +02:00
Andrew Kozlik
c0cf84c03d
refactor(crypto): Reduce code duplication in ed25519.c.
2022-07-07 18:47:33 +02:00
Andrew Kozlik
093fbecb7a
refactor(crypto): Clean up ed25519_publickey_ext() API.
2022-07-07 18:47:33 +02:00
Andrew Kozlik
b1bee00a3a
fix(crypto): Fix bip39 out of bounds read.
2022-07-04 14:10:39 +02:00
matejcik
8c3d3c6548
chore: bump black to 22.3
...
changes:
* exponent operator ** now allows no spaces around itself: https://github.com/psf/black/issues/538
* optional unicode marker u"" is no longer allowed
[no changelog]
2022-06-29 14:35:16 +02:00
Andrew Kozlik
892f3e348d
fix(crypto): Remove public key from the ed25519 signing API.
...
[no changelog]
2022-06-27 18:59:08 +02:00
matejcik
38a36a131f
chore: rename BIP39_WORDS to BIP39_WORD_COUNT
2022-06-01 16:35:33 +02:00
matejcik
dfa4b1d9a1
build: add bip39_english.o where appropriate
...
[no changelog]
2022-06-01 16:35:33 +02:00
matejcik
61adb0a62b
feat(crypto): expose BIP39 wordlist
2022-06-01 16:35:33 +02:00
matejcik
e98464d2c8
build(crypto): make clang version cross-platform compatible
2022-06-01 16:35:33 +02:00
Ondřej Vejpustek
bdfc453245
refactor(crypto): remove code that is duplicated in secp256k1-zkp submodule
2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
53d522a1fd
fix(crypto): reduce digest in RFC6979 to match specification
2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
ea5886026f
refactor(crypto,legacy): extend parameters of init_rfc6979 by curve
2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
db0da196a8
chore(vendor): update secp256k1-zkp to latest
2022-05-16 16:23:18 +02:00
Dusan Klinec
e69467bc04
chore(crypto): drop support for Monero range proof
2022-05-16 12:37:24 +02:00
Pavol Rusnak
8f1d33d5f9
build(core,legacy): remove gcc, use cc instead of gcc
...
for firmware builds we still use arm-none-eabi-gcc via $(PREFIX)gcc
[no changelog]
2022-04-27 15:48:14 +02:00
Ondřej Vejpustek
8356d0a572
fix(crypto): use zero auxiliary data in BIP340
2022-04-12 16:22:42 +02:00
Christian Reitter
420a031a32
docs(crypto): document fuzzer dictionary export format
2022-04-01 15:31:38 +02:00
Christian Reitter
49f2c5e7ea
feat(crypto): clear internal BIP32 & BIP39 caches
2022-04-01 15:31:38 +02:00
Christian Reitter
dbc070976e
feat(crypto): adapt to schnorr function removal
2022-04-01 15:31:38 +02:00
Christian Reitter
b9a3a73c27
feat(crypto): improved clang version checks, remove duplicate, adapt to refactor
...
Makefiles do not natively support compiler version checks, so some
shell-based tricks have to be used instead.
The ethereum_address_checksum() function changed, adapt input length.
2022-04-01 15:31:38 +02:00
Christian Reitter
cf3c57d0ae
feat(crypto): improve trezor-crypto fuzzer, add new dictionary extraction program
...
Introduce fuzzing harnesses for zkp* functions and adapt some differential fuzzing
Additional documentation and minor cleanup
Add temporary workaround for clang-14 and more explicit Makefile behavior
2022-04-01 15:31:38 +02:00
Christian Reitter
47a05720aa
docs(crypto): update fuzzer documentation
2022-04-01 15:31:38 +02:00
Christian Reitter
18192e8eb2
feat(crypto): small fuzzer improvements
...
change mnemonic_to_bits() approach, fuzz mnemonic_to_seed(), minor code fixes
2022-04-01 15:31:38 +02:00
Christian Reitter
052a860afc
feat(crypto): fuzz mnemonic_from_data()
2022-04-01 15:31:38 +02:00
Christian Reitter
5564251920
feat(crypto): improve fuzzer secp256k1-zkp integration, add build workaround and sanitizer optimization, minor renaming
2022-04-01 15:31:38 +02:00
Christian Reitter
aee864c7ee
feat(crypto): improve fuzz testing code, documentation
2022-04-01 15:31:38 +02:00
Pavol Rusnak
d2044d29b6
fix(crypto): add missing license to crypto/chacha20poly1305
...
[no changelog]
2022-03-16 10:54:15 +01:00
matejcik
2ce1e6ba7d
feat(crypto): API for clearing internal caches
2022-02-16 15:21:32 +01:00
Ondřej Vejpustek
146c1fe721
test(crypto): add tests for zkp_bip340_verify_publickey
2022-02-16 10:25:15 +01:00
Pavol Rusnak
ea6b005003
feat(legacy): verify bip340 pubkeys used in p2tr addresses
2022-02-16 10:25:15 +01:00
Ondřej Vejpustek
27d5bf1573
revert(crypto): remove BCH Schnorr signatures
...
This reverts commit 9ef26c347e
.
2022-01-31 13:56:06 +01:00
Andrew Kozlik
d6fdadf673
feat(crypto): Sanitize undefined behavior.
2022-01-19 15:22:03 +01:00
Andrew Kozlik
56126b75a7
ci: Use address sanitizer in CI.
...
[no changelog]
2022-01-19 15:22:03 +01:00
Pavol Rusnak
2880a2fa33
fix(crypto): refactor ethereum_address_checksum to prepend "0x" ( #2029 )
...
[no changelog]
2022-01-12 21:00:54 +01:00
Andrew Kozlik
8baf1ca79f
fix(crypto): Fix out of bounds read in ecdsa_sig_to_der().
...
[no changelog]
2022-01-11 17:29:53 +01:00
Christian Reitter
525bbab165
tests(crypto): update wycheproof testcase source and parsing
...
The JSON schema of the test cases has slightly changed.
The "curve" field has moved to the "testGroups" level and the X25519 algorithm has been renamed,
which requires adjustments in the parsing code.
A duplicate definition of "ecdh_vectors" has also been removed.
2022-01-07 16:55:24 +01:00
Christian Reitter
176b12762f
fix(crypto): fix expected_sig buffer handling
2022-01-07 14:54:52 +01:00
Christian Reitter
64281c69ce
fix(crypto): fix incorrect sig buffer size
2022-01-07 14:54:52 +01:00
Andrew Kozlik
4882648dad
fix(crypto): Treat point at infinity as an invalid public key in ecdsa_recover_pub_from_sig().
2022-01-07 14:37:40 +01:00
Pavol Rusnak
c0510fc91e
build(crypto): make valgrind flag compatible with secp256k1-zkp ( #2027 )
...
Co-authored-by: Ondřej Vejpustek <ondrej.vejpustek@satoshilabs.com>
2021-12-20 15:19:14 +01:00
Christian Reitter
d1d3558d02
fix(crypto): revert to bitwise OR operator and silence warning
2021-12-09 14:31:52 +01:00
Christian Reitter
0c482173ab
fix(crypto): use logical instead of bitwise operator
...
Discovered via clang-14 warnings for -Wbitwise-instead-of-logical
Closes https://github.com/satoshilabs/trezor-firmware/issues/129
2021-12-09 14:31:52 +01:00
Martin Milata
cace42c6e9
fix(crypto/test): fix uninitialized variable use
...
tests/test_speed.c:61:3: error: ‘sk’ may be used uninitialized [-Werror=maybe-uninitialized]
61 | ed25519_publickey(sk, pk);
tests/test_speed.c:145:3: error: ‘sk’ may be used uninitialized [-Werror=maybe-uninitialized]
145 | ed25519_publickey(sk, pk);
2021-12-06 16:25:59 +01:00
Christian Reitter
91dd21b561
fix(crypto): clarify incorrect base58.c code comment
2021-12-01 18:09:52 +01:00
Ondřej Vejpustek
a4e13cb6e4
fix(crypto): assign NULL to zkp_context after is is destroyed
2021-11-29 14:16:42 +01:00
Ondřej Vejpustek
f1ebe8f23e
refactor(crypto): expose zkp_context_is_initialized
2021-11-29 14:16:42 +01:00
Pavol Rusnak
7cd27cf1d6
fix(crypto): fix wrong input handling in mktable
...
[no changelog]
2021-11-19 23:10:34 +01:00
Andrew Kozlik
1f4573905f
feat(crypto): Add TapSigHash to Hasher.
2021-11-18 22:39:32 +01:00
Ondřej Vejpustek
2e4884199b
build(crypto): build secp256k1-zkp with flags needed by sanitizers
2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
71b12a2a71
refactor(crypto): make secp256k1_context_writable_randomize() return status
2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
ad38d8e324
refactor(crypto,core): make zkp_context_init() return status
2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
ec808050ba
refactor(crypto): return error from ecdsa routines on unexpected curve
2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
3612620268
build(crypto,core): make secp256k1-zkp context as small as possible
2021-11-18 19:05:40 +01:00
Andrew Kozlik
85ff3682c9
test(crypto): Add BIP-341 test vectors.
2021-11-13 13:33:46 +01:00
Andrew Kozlik
3f5c11a919
test(crypto): Add unit test for BIP340 tweak.
2021-11-13 13:33:46 +01:00
Andrew Kozlik
4a6bd14993
feat(crypto): Add key tweaking functions to zkp_bip340.c.
2021-11-13 13:33:46 +01:00
matejcik
ea0dcff548
feat(crypto): support all bip39 lengths in mnemonic_to_bits
2021-11-10 13:57:57 +01:00
matejcik
80e4b27f09
feat(crypto/cardano): implement Cardano Ledger derivation
2021-11-10 13:57:57 +01:00
matejcik
1174648777
refactor(crypto): extract Cardano derivations to separate file
...
Changes the API: all Cardano derivations will now produce a 96-byte
secret in the format of private_key + private_key_ext + chain_code.
This can then be trivially converted to a HDNode.
2021-11-10 13:57:57 +01:00
Ondřej Vejpustek
f96e737ef5
fix(crypto): fix undefined behaviour of IS_ALIGNED_64 macro
2021-11-08 17:38:51 +01:00