mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-22 13:21:03 +00:00
56 Commits

Author SHA1 Message Date
Pavol Rusnak
b55473a01e
add fingerprint output parameter to hdnode_private_ckd_cached function 2016-12-12 12:07:33 +01:00
Jochen Hoenicke
e855c60529 Use bn_add instead of bn_addmod (#80)
The bip32 private key derivation used bn_addmod to handle
wrap around.  This was never sufficient as bn_addmod uses only
bn_fast_mod, so an additional bn_mod is necessary.  The bn_fast_mod
helped when bn_mod was not side-channel safe.  Now that bn_mod uses
constant time code, we can get rid of the unnecessary bn_fast_mod
step and use bn_add instead of bn_addmod.
2016-11-05 21:21:48 +01:00
Pavol Rusnak
0abc61f672
use curve25519-donna from floodyberry 2016-10-24 20:51:57 +02:00
Roman Zeyde
228f9425d1 Fix small typo in return value checking (#75) 2016-10-22 00:26:29 +02:00
Pavol Rusnak
cf21bb2fbf
refactor ECDH multiplication into ecdh_multiply function 2016-10-21 18:19:01 +02:00
Pavol Rusnak
ed755120af
fix broken test_speed 2016-10-16 02:26:16 +02:00
Pavol Rusnak
707c869fb9 Merge pull request #74 from romanz/curve25519
Add support for Curve25519-based ECDH
2016-10-16 01:28:45 +02:00
Roman Zeyde
906c543ebc Implement ECDH with Curve25519 at BIP32 module 2016-10-14 23:36:19 +03:00
Jan Pochyla
f45bcc65f2 bip32: deserialize the fingerprint 2016-10-14 14:44:05 +02:00
Pavol Rusnak
4fb15a13d8
add hdnode_get_address 2016-10-08 18:18:32 +02:00
Pavol Rusnak
d10ec230c0
add support for multibyte address versions 2016-10-08 17:56:12 +02:00
Jochen Hoenicke
133c068f37 Reworked rfc6979 signing. (#72)
This adds an is_canonic parameter to all sign functions.  This is a
callback that determines if a signature corresponds to some coin
specific rules.  It is used, e.g., by ethereum (where the recovery
byte must be 0 or 1, and not 2 or 3) and for steem signatures (which
require both r and s to be between 2^248 and 2^255).

This also separates the initialization and the step function of the
random number generator, making it easy to restart the signature
process with the next random number.
2016-10-06 16:54:07 +02:00
Jan Pochyla
00413c0b6e bip32: serialization returns nu. of written bytes 2016-10-06 12:36:23 +02:00
Jochen Hoenicke
f4ed55377d Moved get_ethereum_address from ecdsa to bip32
The new name of the function is `hdnode_get_ethereum_address`
and it gets a hdnode as input as opposed to a public key.  This
also avoids first computing the compressed public key and then
uncompressing it.

Test cases were adapted to work with new function.  The test-vectors
are the same as for bip32 and independently checked with an ad hoc
python implementation.
2016-08-18 16:21:33 +02:00
Pavol Rusnak
b5f89bb478
fpr -> fingerprint 2016-07-04 17:29:48 +02:00
Jochen Hoenicke
3390fcf89e Compute pubkey only on demand.
Remove fingerprint from hdnode structure (if you need it, call
hdnode_fingerprint on the parent hdnode).
Only compute public_key, when hdnode_fill_public_key is called.
2016-06-27 10:13:10 +02:00
Pavol Rusnak
110965f31d
further optimize emscripten 2016-05-12 19:29:24 +02:00
Pavol Rusnak
6dd9ed0756
add hdnode_public_ckd_address_optimized 2016-05-12 17:19:42 +02:00
Jochen Hoenicke
c6e7d376b7 Handle b58 address with shorter lengths 2016-04-27 23:15:53 +02:00
Jochen Hoenicke
55edf71e27
ed25519 support 2016-04-22 18:21:58 +02:00
Jochen Hoenicke
698f40f385
BIP-32 without gaps, prepare non-ecdsa curves
* Split ecdsa_curve into curve_info and ecdsa_curve to support bip32 on
  curves that don't have an ecdsa_curve.
* Don't fail in key derivation but retry with a new hash.
* Adapted test case accordingly
2016-04-22 17:43:15 +02:00
Jochen Hoenicke
f8ac99ebb7 Check for error from get_curve_by_name. 2016-04-20 19:54:18 +02:00
Jochen Hoenicke
0bc1b70c4a Use different seed modifier for different curves 2016-04-20 10:38:11 +02:00
Jochen Hoenicke
c983afd72f Added curve type to HDNode
Every curve gets its own hierarchy and the curve is remembered in
HD node.  Fixed the private/public key derivations to use the right
modulus.
2016-04-19 18:21:56 +02:00
Jochen Hoenicke
f93b003cbc Extended comments, new function bn_add, a bug fix.
Describe normalized, partly reduced and reduced numbers.
Comment which function expects which kind of input.
Removed unused bn_bitlen.
Add bn_add that does not reduce.
Bug fix in ecdsa_validate_pubkey: bn_mod before bn_is_equal.
Bug fix in hdnode_private_ckd: bn_mod after bn_addmod.
2015-08-06 19:09:23 +02:00
Roman Zeyde
7c58fc11a4 Add support for NIST256P1 elliptic curve
This enables SSH ECDSA public key authentication.
2015-06-26 10:33:14 +03:00
Pavol Rusnak
21d0bb437a cleanup coding style 2015-04-13 18:19:33 +02:00
netanelkl
70dc71c87e Some more stack memory wipe before leaving functions.
Note that I preferred to change the multiple returns to multiple checks
of a boolean to concentrate the erase into the last part of the
functions.
2015-04-09 14:17:47 -04:00
netanelkl
aeefea054a Added some private key nullification so that they won't be uncontrolled in the stack 2015-04-08 15:07:15 -04:00
Pavol Rusnak
cb9ccc5cf4 remove all references to USE_PUBKEY_VALIDATE 2015-03-12 15:53:41 +01:00
Pavol Rusnak
92ab7504b2 add one more bip32_cache test 2015-03-04 15:43:14 +01:00
Pavol Rusnak
f4e6010e18 implement BIP32 cache 2015-01-26 19:10:19 +01:00
Pavol Rusnak
89a7d7797b replace base58 implementation 2014-12-23 03:11:58 +01:00
Pavol Rusnak
c6ca89a850 simplify check in hdnode_from_xpub 2014-12-20 00:50:26 +01:00
Pavol Rusnak
10a92c3c62 use const in hdnode_from_* methods 2014-12-13 19:54:01 +01:00
Pavol Rusnak
8820ae9873 add more checks for improbable cases; rework gui testing app 2014-08-07 18:35:54 +02:00
Pavol Rusnak
4b1211e0ae extract base58 functions to separate source file 2014-05-22 21:52:04 +02:00
Pavol Rusnak
612f5ab050 fix copyright headers 2014-05-22 20:54:58 +02:00
Pavol Rusnak
c1140e071e added deserialization 2014-05-21 00:22:48 +02:00
Pavol Rusnak
44116b8a74 make serialize api more friendly 2014-05-15 19:35:28 +02:00
Pavol Rusnak
c08bbfa58e fix last commit 2014-05-15 18:50:28 +02:00
Pavol Rusnak
c1dc507189 add hdnode serialization function 2014-05-15 17:36:23 +02:00
Pavol Rusnak
d5e1ff8be8 remove version_byte and address from bip32 2014-02-21 22:51:49 +01:00
Pavol Rusnak
18dea22213 get rid of bip32 versions, it's a mess :( 2014-02-21 19:41:33 +01:00
Pavol Rusnak
d0e152a088 replace SHA256/SHA512 prefix with sha256/sha512 (OpenSSL clash) 2014-02-19 21:26:42 +01:00
Pavol Rusnak
1034b28f90 use both private and public bip32 versions 2014-02-19 16:58:48 +01:00
Pavol Rusnak
c0ee25c851 don't use implicit versions in bip32 2014-01-21 18:38:44 +01:00
Pavol Rusnak
8764a03453 compute fingerprints 2014-01-14 15:29:46 +01:00
Pavol Rusnak
ed7e2e5058 implement public child key derivation 2014-01-14 14:35:13 +01:00
Pavol Rusnak
353606e2df add hdnode_coin_version to be able to set coin version from outside 2013-11-28 02:47:00 +01:00