1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-01 20:08:26 +00:00
Commit Graph

263 Commits

Author SHA1 Message Date
Andrew Kozlik
f4b1b8a76a test(crypto): Test DER encoding. 2023-12-01 00:09:17 +01:00
Andrew Kozlik
d670a0bdfa feat(core): Fix malformed signatures from Optiga. 2023-12-01 00:09:17 +01:00
Andrew Kozlik
388e925de8 feat(crypto): Add basic DER decoding functions. 2023-12-01 00:09:17 +01:00
Andrew Kozlik
dee559f4f9 feat(core): Integrate Optiga into PIN verification. 2023-09-27 17:17:09 +02:00
Ondřej Vejpustek
4ecd4cc323 feat(crypto): implement hashing to curve 2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
72acf9d285 fix(crypto): fix assertion 2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
4a686d9231 feat(crypto): introduce bn_read_be_512 2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
93bb4c2e35 feat(crypto): introduce bn_reduce and bn_copy_lower 2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
2b00c72094 refactor(crypto): introduce bignum512 2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
3a2bdf16dd feat(crypto): implement Legendre symbol 2023-09-27 14:04:45 +02:00
Ondřej Vejpustek
5a9d399012 test(crypto): use P-256 prime in test_bignum.py 2023-09-27 14:04:45 +02:00
Andrew Kozlik
2b97a5bac0 test(crypto): Add SHA-384 test vectors. 2023-08-29 10:59:34 +02:00
Andrew Kozlik
91ef616b56 feat(crypto): Implement sha384_Raw(). 2023-08-29 10:59:34 +02:00
Andrew Kozlik
b8adcf35fe test(crypto): Add test vectors for TLS PRF with SHA-256. 2023-08-29 10:59:34 +02:00
Andrew Kozlik
9949f0d88a feat(crypto): Implement TLS PRF with SHA-256. 2023-08-29 10:59:34 +02:00
Andrew Kozlik
f540bab5b8 test(crypto): Add AES-CCM test vectors. 2023-08-29 10:59:34 +02:00
Andrew Kozlik
4accf76954 feat(crypto): Implement AES-CCM. 2023-08-29 10:59:34 +02:00
Andrew Kozlik
c3f6e8f19f feat(crypto): Support is_canonical parameter in zkp_ecdsa_sign_digest(). 2023-06-21 08:36:20 +02:00
Andrew Kozlik
21f4aec8de refactor: Unify secp256k1_zkp usage.
[no changelog]
2023-06-21 08:36:20 +02:00
grdddj
8ee4c41938 chore(crypto): refactor slip39 same way as bip39 2023-05-11 21:02:21 +02:00
Martin Milata
56491a0530 test(crypto): use newer OpenSSL API
[no changelog]
2023-04-19 13:05:03 +02:00
Ondrej Mikle
4d0381055c fix(crypto): adapt to changing insecure PRNG to be opt-in 2023-03-22 10:21:21 +01:00
Ondrej Mikle
a5f7c19f7e fix(core/bootloader): do not use insecure LCG PRNG. Change insecure PRNG to be opt-in, not opt-out 2023-03-22 10:21:21 +01:00
Christian Reitter
e2416bcec2 feat(crypto): improve return code handling, clean up the code and extend documentation 2023-03-02 17:27:33 +01:00
Andrew Kozlik
d815a7d6de chore(core): Use C implementation of Bech32 decode. 2022-10-17 15:20:46 +02:00
Christian Reitter
cd32a4f50e feat(crypto): correct formatting 2022-10-04 16:46:33 +02:00
Christian Reitter
31eb8e276b feat(crypto): fix issues flagged by GCC 2022-10-04 16:46:33 +02:00
Christian Reitter
6fa1b7131b feat(crypto): avoid memory resource leaks, remove unused variables and dead stores 2022-10-04 16:46:33 +02:00
Christian Reitter
d2737308c4 feat(crypto): remove -Wstrict-prototypes issues in zkp_context.c 2022-10-04 16:46:33 +02:00
Christian Reitter
61d93d0539 feat(crypto): avoid memory resource leaks, optimize error path 2022-10-04 16:46:33 +02:00
Christian Reitter
f1870102d2 feat(crypto): add targets and improve trezor-crypto fuzzer 2022-10-04 16:46:33 +02:00
Christian Reitter
5fe7d50232 feat(crypto): use macro for check pattern 2022-10-04 16:46:33 +02:00
Christian Reitter
d069b2955e feat(crypto): improve trezor-crypto fuzzer 2022-10-04 16:46:33 +02:00
Christian Reitter
b56e848eaa feat(crypto): mark uninteresting fuzzer inputs 2022-10-04 16:46:33 +02:00
Christian Reitter
e8d24290ad feat(crypto): add fuzzing targets and improve documentation 2022-10-04 16:46:33 +02:00
Christian Reitter
1b04c801de feat(crypto): improve trezor-crypto fuzzer
start using heap-based allocations for more precise ASAN checks
2022-10-04 16:46:33 +02:00
Dusan Klinec
90771ebb59 fix(xmr): fix tx sending to an integrated address 2022-09-30 13:47:06 +02:00
Pavol Rusnak
c962d3520b
Merge branch 'release/22.08' 2022-08-22 11:10:45 +02:00
Pavol Rusnak
cba74272e1 chore(crypto): remove graphene base58 functions as they are not used anywhere
[no changelog]
2022-08-08 12:02:01 +02:00
Andrew Kozlik
fa5e7feda6 fix(crypto): Fix nonce bias in CoSi signing. 2022-08-02 20:38:04 +02:00
matejcik
fcd43b93ac feat(crypto): add thousands separator to bn_format 2022-08-02 20:35:49 +02:00
Andrew Kozlik
d19af9896b refactor(crypto): Apply formatting to Monero code. 2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
e0358c7f24 fix(crypto): fix required output length in xmr_base58_encode() 2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
7a5cfbae19 fix(crypto): set output length correctly in xmr_base58_encode() 2022-07-14 15:47:54 +02:00
Andrew Kozlik
81c9cd66ef fix(crypto): Set output length correctly in xmr_base58_decode(). 2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
f4d0dd9807 fix(crypto): initialize local variables to zero in ed25519-dona 2022-07-08 16:01:18 +02:00
Andrew Kozlik
c0cf84c03d refactor(crypto): Reduce code duplication in ed25519.c. 2022-07-07 18:47:33 +02:00
Andrew Kozlik
093fbecb7a refactor(crypto): Clean up ed25519_publickey_ext() API. 2022-07-07 18:47:33 +02:00
Andrew Kozlik
b1bee00a3a fix(crypto): Fix bip39 out of bounds read. 2022-07-04 14:10:39 +02:00
matejcik
8c3d3c6548 chore: bump black to 22.3
changes:
* exponent operator ** now allows no spaces around itself: https://github.com/psf/black/issues/538
* optional unicode marker u"" is no longer allowed

[no changelog]
2022-06-29 14:35:16 +02:00
Andrew Kozlik
892f3e348d fix(crypto): Remove public key from the ed25519 signing API.
[no changelog]
2022-06-27 18:59:08 +02:00
matejcik
38a36a131f chore: rename BIP39_WORDS to BIP39_WORD_COUNT 2022-06-01 16:35:33 +02:00
matejcik
dfa4b1d9a1 build: add bip39_english.o where appropriate
[no changelog]
2022-06-01 16:35:33 +02:00
matejcik
61adb0a62b feat(crypto): expose BIP39 wordlist 2022-06-01 16:35:33 +02:00
matejcik
e98464d2c8 build(crypto): make clang version cross-platform compatible 2022-06-01 16:35:33 +02:00
Ondřej Vejpustek
bdfc453245 refactor(crypto): remove code that is duplicated in secp256k1-zkp submodule 2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
53d522a1fd fix(crypto): reduce digest in RFC6979 to match specification 2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
ea5886026f refactor(crypto,legacy): extend parameters of init_rfc6979 by curve 2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
db0da196a8 chore(vendor): update secp256k1-zkp to latest 2022-05-16 16:23:18 +02:00
Dusan Klinec
e69467bc04 chore(crypto): drop support for Monero range proof 2022-05-16 12:37:24 +02:00
Pavol Rusnak
8f1d33d5f9 build(core,legacy): remove gcc, use cc instead of gcc
for firmware builds we still use arm-none-eabi-gcc via $(PREFIX)gcc

[no changelog]
2022-04-27 15:48:14 +02:00
Ondřej Vejpustek
8356d0a572 fix(crypto): use zero auxiliary data in BIP340 2022-04-12 16:22:42 +02:00
Christian Reitter
420a031a32 docs(crypto): document fuzzer dictionary export format 2022-04-01 15:31:38 +02:00
Christian Reitter
49f2c5e7ea feat(crypto): clear internal BIP32 & BIP39 caches 2022-04-01 15:31:38 +02:00
Christian Reitter
dbc070976e feat(crypto): adapt to schnorr function removal 2022-04-01 15:31:38 +02:00
Christian Reitter
b9a3a73c27 feat(crypto): improved clang version checks, remove duplicate, adapt to refactor
Makefiles do not natively support compiler version checks, so some
shell-based tricks have to be used instead.
The ethereum_address_checksum() function changed, adapt input length.
2022-04-01 15:31:38 +02:00
Christian Reitter
cf3c57d0ae feat(crypto): improve trezor-crypto fuzzer, add new dictionary extraction program
Introduce fuzzing harnesses for zkp* functions and adapt some differential fuzzing
Additional documentation and minor cleanup
Add temporary workaround for clang-14 and more explicit Makefile behavior
2022-04-01 15:31:38 +02:00
Christian Reitter
47a05720aa docs(crypto): update fuzzer documentation 2022-04-01 15:31:38 +02:00
Christian Reitter
18192e8eb2 feat(crypto): small fuzzer improvements
change mnemonic_to_bits() approach, fuzz mnemonic_to_seed(), minor code fixes
2022-04-01 15:31:38 +02:00
Christian Reitter
052a860afc feat(crypto): fuzz mnemonic_from_data() 2022-04-01 15:31:38 +02:00
Christian Reitter
5564251920 feat(crypto): improve fuzzer secp256k1-zkp integration, add build workaround and sanitizer optimization, minor renaming 2022-04-01 15:31:38 +02:00
Christian Reitter
aee864c7ee feat(crypto): improve fuzz testing code, documentation 2022-04-01 15:31:38 +02:00
Pavol Rusnak
d2044d29b6
fix(crypto): add missing license to crypto/chacha20poly1305
[no changelog]
2022-03-16 10:54:15 +01:00
matejcik
2ce1e6ba7d feat(crypto): API for clearing internal caches 2022-02-16 15:21:32 +01:00
Ondřej Vejpustek
146c1fe721 test(crypto): add tests for zkp_bip340_verify_publickey 2022-02-16 10:25:15 +01:00
Pavol Rusnak
ea6b005003 feat(legacy): verify bip340 pubkeys used in p2tr addresses 2022-02-16 10:25:15 +01:00
Ondřej Vejpustek
27d5bf1573 revert(crypto): remove BCH Schnorr signatures
This reverts commit 9ef26c347e.
2022-01-31 13:56:06 +01:00
Andrew Kozlik
d6fdadf673 feat(crypto): Sanitize undefined behavior. 2022-01-19 15:22:03 +01:00
Andrew Kozlik
56126b75a7 ci: Use address sanitizer in CI.
[no changelog]
2022-01-19 15:22:03 +01:00
Pavol Rusnak
2880a2fa33
fix(crypto): refactor ethereum_address_checksum to prepend "0x" (#2029)
[no changelog]
2022-01-12 21:00:54 +01:00
Andrew Kozlik
8baf1ca79f fix(crypto): Fix out of bounds read in ecdsa_sig_to_der().
[no changelog]
2022-01-11 17:29:53 +01:00
Christian Reitter
525bbab165 tests(crypto): update wycheproof testcase source and parsing
The JSON schema of the test cases has slightly changed.
The "curve" field has moved to the "testGroups" level and the X25519 algorithm has been renamed,
which requires adjustments in the parsing code.

A duplicate definition of "ecdh_vectors" has also been removed.
2022-01-07 16:55:24 +01:00
Christian Reitter
176b12762f fix(crypto): fix expected_sig buffer handling 2022-01-07 14:54:52 +01:00
Christian Reitter
64281c69ce fix(crypto): fix incorrect sig buffer size 2022-01-07 14:54:52 +01:00
Andrew Kozlik
4882648dad fix(crypto): Treat point at infinity as an invalid public key in ecdsa_recover_pub_from_sig(). 2022-01-07 14:37:40 +01:00
Pavol Rusnak
c0510fc91e
build(crypto): make valgrind flag compatible with secp256k1-zkp (#2027)
Co-authored-by: Ondřej Vejpustek <ondrej.vejpustek@satoshilabs.com>
2021-12-20 15:19:14 +01:00
Christian Reitter
d1d3558d02 fix(crypto): revert to bitwise OR operator and silence warning 2021-12-09 14:31:52 +01:00
Christian Reitter
0c482173ab fix(crypto): use logical instead of bitwise operator
Discovered via clang-14 warnings for -Wbitwise-instead-of-logical
Closes https://github.com/satoshilabs/trezor-firmware/issues/129
2021-12-09 14:31:52 +01:00
Martin Milata
cace42c6e9 fix(crypto/test): fix uninitialized variable use
tests/test_speed.c:61:3: error: ‘sk’ may be used uninitialized [-Werror=maybe-uninitialized]
   61 |   ed25519_publickey(sk, pk);
tests/test_speed.c:145:3: error: ‘sk’ may be used uninitialized [-Werror=maybe-uninitialized]
  145 |   ed25519_publickey(sk, pk);
2021-12-06 16:25:59 +01:00
Christian Reitter
91dd21b561 fix(crypto): clarify incorrect base58.c code comment 2021-12-01 18:09:52 +01:00
Ondřej Vejpustek
a4e13cb6e4 fix(crypto): assign NULL to zkp_context after is is destroyed 2021-11-29 14:16:42 +01:00
Ondřej Vejpustek
f1ebe8f23e refactor(crypto): expose zkp_context_is_initialized 2021-11-29 14:16:42 +01:00
Pavol Rusnak
7cd27cf1d6 fix(crypto): fix wrong input handling in mktable
[no changelog]
2021-11-19 23:10:34 +01:00
Andrew Kozlik
1f4573905f feat(crypto): Add TapSigHash to Hasher. 2021-11-18 22:39:32 +01:00
Ondřej Vejpustek
2e4884199b build(crypto): build secp256k1-zkp with flags needed by sanitizers 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
71b12a2a71 refactor(crypto): make secp256k1_context_writable_randomize() return status 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
ad38d8e324 refactor(crypto,core): make zkp_context_init() return status 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
ec808050ba refactor(crypto): return error from ecdsa routines on unexpected curve 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
3612620268 build(crypto,core): make secp256k1-zkp context as small as possible 2021-11-18 19:05:40 +01:00
Andrew Kozlik
85ff3682c9 test(crypto): Add BIP-341 test vectors. 2021-11-13 13:33:46 +01:00