Jochen Hoenicke
7e98c02afd
Added comments to the tricky algorithms.
...
Added invariants for bn_multiply and bn_inverse.
Explain that bn_multiply and bn_fast_mod don't work for
an arbitrary modulus. The modulus must be close to 2^256.
2015-03-09 12:06:46 +01:00
Jochen Hoenicke
e2dd0b8e8d
Always check for validity in ecdsa_read_pubkey.
...
An invalid point may crash the implementation or, worse,
reveal information about the private key if used in an ECDH
context (e.g. cryptoMessageEn/Decrypt).
Therefore, check all user supplied points even if
USE_PUBKEY_VALIDATE is not set.
To improve speed, we don't check if the point lies in the
main group, since the secp256k1 curve does not have
any other subgroup.
2015-03-08 21:09:21 +01:00
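The always-validate rule from this commit, as an added Python example (not trezor-crypto's C code): parse a SEC1 public key and reject anything that does not decode to a point on secp256k1, so an off-curve point never reaches ECDH or signature verification. The constants are the curve's public parameters; read_pubkey and encode_pubkey are names chosen here.

```python
# secp256k1: y^2 = x^3 + 7 over GF(p). Cofactor 1, so no subgroup check is needed.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
B = 7
# Standard generator point, used here only as a known-valid sample input.
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8


def on_curve(x: int, y: int) -> bool:
    return 0 <= x < P and 0 <= y < P and (y * y - (x * x * x + B)) % P == 0


def read_pubkey(pub: bytes):
    """Parse a SEC1 key (33-byte compressed or 65-byte uncompressed) into (x, y).
    Returns None for any malformed encoding or any point not on the curve, so a
    caller can never feed an off-curve point into ECDH or signature verification."""
    if len(pub) == 33 and pub[0] in (2, 3):
        x = int.from_bytes(pub[1:], "big")
        if x >= P:
            return None
        rhs = (pow(x, 3, P) + B) % P
        y = pow(rhs, (P + 1) // 4, P)               # square root: valid because p = 3 (mod 4)
        if (y * y) % P != rhs:
            return None                             # rhs is a non-residue: no point has this x
        if (y & 1) != (pub[0] & 1):
            y = P - y                               # pick the root whose parity the prefix encodes
        return (x, y)
    if len(pub) == 65 and pub[0] == 4:
        x = int.from_bytes(pub[1:33], "big")
        y = int.from_bytes(pub[33:], "big")
        return (x, y) if on_curve(x, y) else None   # the check this commit makes unconditional
    return None


def encode_pubkey(x: int, y: int, compressed: bool = True) -> bytes:
    """Inverse of read_pubkey, used to build sample inputs."""
    prefix = (2 + (y & 1)) if compressed else 4
    body = x.to_bytes(32, "big") + (b"" if compressed else y.to_bytes(32, "big"))
    return bytes([prefix]) + body
```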
Pavol Rusnak
92ab7504b2
add one more bip32_cache test
2015-03-04 15:43:14 +01:00
Pavol Rusnak
d814f58a3b
Merge pull request #22 from jhoenicke/master
...
Make word list const
2015-02-14 12:38:36 +01:00
Jochen Hoenicke
7e7b40b434
Make word list const
...
This makes the pointers to the words constant. It moves 8kb from RAM
to flash. It changes the return type of mnemonic_wordlist() to reflect
this change. Everyone calling it should also change the type to
`const char * const *`.
2015-02-14 12:00:44 +01:00
Pavol Rusnak
f4fe7c9aa5
Merge pull request #21 from jhoenicke/master
...
Fix RFC6979 generation of k.
2015-02-11 16:42:32 +01:00
Jochen Hoenicke
ed9d8c1ebb
Fix RFC6979 generation of k.
...
The standard says:
step h:
  Set T to the empty sequence.
  while tlen < qlen
    V = HMAC_K(V)
    T = T || V
  k = bits2int(T)
in this case (HMAC-SHA256, qlen=256bit) this simplifies to
  V = HMAC_K(V)
  T = V
  k = bits2int(T)
and T can be omitted.
The old code (wrong) did:
  T = HMAC_K(V)
  k = bits2int(T)
Note that V will only be used again if the first k is out of range.
Thus, the old code produced the right result with a very high probability.
2015-01-30 22:34:37 +01:00
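The step-h fix from this commit, as an added Python example that is not trezor-crypto's implementation: the corrected loop and the pre-fix loop side by side, showing that both yield the same first candidate and diverge only on the retry path, which is exactly why the old code was right with very high probability. It assumes HMAC-SHA256 with the secp256k1 order; the function names are chosen here.

```python
import hashlib
import hmac

# secp256k1 group order n; qlen = 256, so one HMAC-SHA256 output fills T exactly.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def _hmac_sha256(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


def message_hash(msg: bytes) -> bytes:
    return hashlib.sha256(msg).digest()            # h1 = H(m)


def rfc6979_candidates(priv, h1, count, fixed=True, n=SECP256K1_N):
    """First `count` nonce candidates per RFC 6979 section 3.2 (HMAC-SHA256, qlen = 256).
    fixed=False reproduces the pre-fix loop quoted in the commit: T = HMAC_K(V) without
    storing the result back into V, so only the retry path diverges."""
    x = priv.to_bytes(32, "big")                   # int2octets(x); assumes 1 <= priv < n
    h = (int.from_bytes(h1, "big") % n).to_bytes(32, "big")   # bits2octets(h1)
    V = b"\x01" * 32                               # step b
    K = b"\x00" * 32                               # step c
    K = _hmac_sha256(K, V, b"\x00", x, h)          # step d
    V = _hmac_sha256(K, V)                         # step e
    K = _hmac_sha256(K, V, b"\x01", x, h)          # step f
    V = _hmac_sha256(K, V)                         # step g
    out = []
    while len(out) < count:                        # step h
        if fixed:
            V = _hmac_sha256(K, V)                 # h.2: V = HMAC_K(V); T = V
            T = V
        else:
            T = _hmac_sha256(K, V)                 # old code: V is never advanced
        out.append(int.from_bytes(T, "big"))       # bits2int(T)
        K = _hmac_sha256(K, V, b"\x00")            # h.3 retry: K = HMAC_K(V || 0x00)
        V = _hmac_sha256(K, V)                     #            V = HMAC_K(V)
    return out


def rfc6979_k(priv, h1, n=SECP256K1_N):
    """The nonce a signer uses: the first candidate in [1, n-1]."""
    for k in rfc6979_candidates(priv, h1, count=8, n=n):
        if 0 < k < n:
            return k
    raise RuntimeError("no candidate in range")    # each miss has probability ~2^-128
```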
Pavol Rusnak
54aa5a4482
Merge pull request #20 from mackler/stddef-rand
...
Add `stdlib.h` to header. Needed for `size_t`.
2015-01-28 09:47:21 +01:00
Adam Mackler
82ea549661
Add stdlib.h
...
to header. Needed for size_t.
2015-01-27 21:44:48 -05:00
Adam Mackler
cb6f976b0d
Remove unused static variable sha384_initial_hash_value.
2015-01-27 19:22:42 -05:00
Pavol Rusnak
aa1833ba3f
add stdlib to header
2015-01-26 19:12:22 +01:00
Pavol Rusnak
f4e6010e18
implement BIP32 cache
2015-01-26 19:10:19 +01:00
Pavol Rusnak
40b023b1f4
Merge pull request #17 from dllaurence/embedded_header
...
Remove now-redundant embedded header
2015-01-26 00:29:30 +01:00
Dustin Laurence
1c672dca2b
Remove now-redundant embedded header
2015-01-25 08:49:52 -08:00
Pavol Rusnak
5ce27a1e1a
Merge pull request #16 from dllaurence/prototypes
...
Prototypes
2015-01-24 20:33:23 +01:00
Dustin Laurence
a16992a893
Add stdbool.h
2015-01-23 12:12:40 -08:00
Dustin Laurence
8ce1f34233
Add prototypes for private functions
2015-01-23 12:12:40 -08:00
Pavol Rusnak
d57d030362
Merge pull request #15 from dllaurence/finalize_rand
...
Finalize all open file descriptors
2015-01-23 19:11:19 +01:00
Dustin Laurence
ce67a85d39
Add finalize_rand() to prove we have no leaks
2015-01-23 06:05:38 -08:00
Dustin Laurence
661751ab4b
Add finalize_rand()
2015-01-23 06:05:25 -08:00
Pavol Rusnak
fb747384a0
prepare cython-TrezorCrypto for pip release
2015-01-12 19:11:43 +01:00
Pavol Rusnak
5cd4531312
make constructor of cython HDNode struct more explicit
2015-01-11 20:05:40 +01:00
Pavol Rusnak
0331a1c454
first try of cythonizing the library
2015-01-11 16:43:07 +01:00
Pavol Rusnak
8c23d62c5e
don't verify pubkey in xpubaddrgen
2015-01-11 02:56:33 +01:00
Pavol Rusnak
2880a2e3db
add break condition to xpubaddrgen
2015-01-11 02:46:45 +01:00
Pavol Rusnak
9fea8f8ab3
more fixes to readme
2014-12-24 01:30:33 +01:00
Pavol Rusnak
27a496a370
README -> README.md
2014-12-24 01:27:20 +01:00
Pavol Rusnak
280310c8a0
add xpubaddrgen utility
2014-12-24 01:26:39 +01:00
Pavol Rusnak
795579cbac
invert pby when normalizing S during signing
2014-12-23 18:13:33 +01:00
Pavol Rusnak
89a7d7797b
replace base58 implementation
2014-12-23 03:11:58 +01:00
Pavol Rusnak
c6ca89a850
simplify check in hdnode_from_xpub
2014-12-20 00:50:26 +01:00
Pavol Rusnak
10a92c3c62
use const in hdnode_from_* methods
2014-12-13 19:54:01 +01:00
Pavol Rusnak
b4cdba8489
export pby from ecdsa_sign functions
2014-12-08 21:08:49 +01:00
Pavol Rusnak
9469a64a0a
use bn_is_zero and bn_is_equal where possible
2014-11-17 17:17:14 +01:00
Pavol Rusnak
df3606dd5e
introduce ecdsa_get_address_raw
2014-11-16 21:17:39 +01:00
Pavol Rusnak
c5d9b2ea2f
remove forgotten declaration
2014-11-16 21:00:52 +01:00
Pavol Rusnak
f6560c7d13
split pbkdf2 into pbkdf2_hmac_sha256 and pbkdf2_hmac_sha512
2014-10-30 01:35:13 +01:00
Pavol Rusnak
ad8e618ed2
use $(CC) instead of gcc in Makefile
2014-08-11 02:04:42 +02:00
Pavol Rusnak
8820ae9873
add more checks for improbable cases; rework gui testing app
2014-08-07 18:35:54 +02:00
Pavol Rusnak
b9ed9a9cd4
don't include aescpp.h
2014-07-24 15:26:50 +02:00
Pavol Rusnak
5315f490a0
don't use AES_NI nor VIA_ACE
2014-07-17 20:15:14 +02:00
Pavol Rusnak
ffd2d69dd6
Merge pull request #12 from dllaurence/optional-tests
...
Make test build optional in CMake
2014-07-17 19:56:36 +02:00
Dustin Laurence
6cd85668a3
Make test build optional in CMake
2014-07-17 12:51:00 -05:00
Pavol Rusnak
7570ea8c0c
update CMakeLists.txt
2014-07-17 16:59:14 +02:00
Pavol Rusnak
24beac2cc0
Merge pull request #11 from dllaurence/cmake-tests
...
Make CMakeLists.txt build tests
2014-07-17 16:38:39 +02:00
Pavol Rusnak
8f38acd48f
Merge pull request #10 from dllaurence/fread-return
...
Test fread return value
2014-07-17 16:37:42 +02:00
Dustin Laurence
e0b083a0b0
Make CMakeLists.txt build tests
2014-07-16 13:41:29 -05:00
Dustin Laurence
3329b6b6aa
Test fread return value
2014-07-16 08:06:15 -05:00
Pavol Rusnak
bb73936959
use more warnings from trezor-mcu
2014-07-07 21:34:54 +02:00
Pavol Rusnak
03a8925e0f
rename BN_PRINT define to USE_BN_PRINT
2014-07-07 21:24:10 +02:00