1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-21 05:48:23 +00:00
Commit Graph

16 Commits

Author SHA1 Message Date
Saleem Rashid
764cc4c6e8 bip32: Add secp256k1-decred 2017-12-10 20:07:13 +01:00
Jochen Hoenicke
55edf71e27
ed25519 support 2016-04-22 18:21:58 +02:00
Jochen Hoenicke
698f40f385
BIP-32 without gaps, prepare non-ecdsa curves
* Split ecdsa_curve into curve_info and ecdsa_curve to support bip32 on
  curves that don't have a ecdsa_curve.
* Don't fail in key derivation but retry with a new hash.
* Adapted test case accordingly
2016-04-22 17:43:15 +02:00
Jochen Hoenicke
c983afd72f Added curve type to HDNode
Every curve gets it's own hierarchy and the curve is remembered in
HD node.  Fixed the private/public key derivations to use the right
modulus.
2016-04-19 18:21:56 +02:00
Roman Zeyde
7c58fc11a4 Add support for NIST256P1 elliptic curve
This enables SSH ECDSA public key authentication.
2015-06-26 10:33:14 +03:00
Jochen Hoenicke
ec057a5102 "More" constant time point multiplication
About the same speed, about the same precomputation table requirements.
Simpler code.
2015-03-17 19:18:34 +01:00
Jochen Hoenicke
7d4cf5cedd Optimized the bn_inverse method.
The new method needs about 30 % less time for prime256k1 and is about
twice as fast for other moduli.  The base algorithm is the same.
The code is also a bit smaller and doesn't need the 8 kb precomputed
table.

Important canges:
1. even/odd distinction so that we need to test only one of the numbers
   for being even.  This also leads to less duplicated code.
2. Allow for shifting by 32 bits at a time in the even test.
3. Pack u,s and v,r into the same array, which saves a bit of stack memory.
4. Don't divide by two after subtraction; this simplifies code.
5. Abort as soon as u,v are equal, instead of subtracting them.
6. Use s instead of r after the loop; no negation needed.
7. New code that divides by 2^k fast without any precomputed values.
2015-03-17 19:17:47 +01:00
Pavol Rusnak
019d779a94 Revert "Revert "add more precomputation to ecdsa signing""
This reverts commit 3747ba4323.
2014-07-03 10:09:45 +02:00
Pavol Rusnak
3747ba4323 Revert "add more precomputation to ecdsa signing"
This reverts commit 06dd166a82.
2014-07-03 01:18:00 +02:00
Pavol Rusnak
612f5ab050 fix copyright headers 2014-05-22 20:54:58 +02:00
Pavol Rusnak
06dd166a82 add more precomputation to ecdsa signing 2014-05-15 17:11:26 +02:00
Pavol Rusnak
9205c0d952 use canonical signatures (if S > Order/2: S = Order - S) 2013-10-08 14:06:48 +02:00
Pavol Rusnak
678e5b1af2 use #if instead of #ifdef for conditional macros 2013-10-03 17:32:27 +02:00
Pavol Rusnak
07d1c22730 refactor code -> bignum.c/h 2013-09-12 03:18:35 +02:00
Pavol Rusnak
3f737896a4 ecdsa_get_public_key and ecdsa_verify methods 2013-09-09 17:52:25 +02:00
Pavol Rusnak
ccbc219b29 import sources 2013-08-17 14:20:15 +02:00