1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-18 12:28:09 +00:00
Commit Graph

429 Commits

Author SHA1 Message Date
Jochen Hoenicke
7e98c02afd Added comments to the tricky algorithms.
Added invariants for bn_multiply and bn_inverse.
Explain that bn_multiply and bn_fast_mod doesn't work for
an arbitrary modulus.  The modulus must be close to 2^256.
2015-03-09 12:06:46 +01:00
Jochen Hoenicke
e2dd0b8e8d Always check for validity in ecdsa_read_pubkey.
An invalid point may crash the implementation or, worse,
reveal information about the private key if used in a ECDH
context (e.g. cryptoMessageEn/Decrypt).

Therefore, check all user supplied points even if
USE_PUBKEY_VALIDATE is not set.

To improve speed, we don't check if the point lies in the
main group, since the secp256k1 curve does not have
any other subgroup.
2015-03-08 21:09:21 +01:00
Pavol Rusnak
92ab7504b2 add one more bip32_cache test 2015-03-04 15:43:14 +01:00
Pavol Rusnak
d814f58a3b Merge pull request #22 from jhoenicke/master
Make word list const
2015-02-14 12:38:36 +01:00
Jochen Hoenicke
7e7b40b434 Make word list const
This makes the pointers to the words constant.  It moves 8kb from ram
to flash.  It changes the return type of mnemonic_wordlist() to reflect
this change.  Everyone calling it should also change the type to
`const char * const *`.
2015-02-14 12:00:44 +01:00
Pavol Rusnak
f4fe7c9aa5 Merge pull request #21 from jhoenicke/master
Fix RFC6979 generation of k.
2015-02-11 16:42:32 +01:00
Jochen Hoenicke
ed9d8c1ebb Fix RFC6979 generation of k.
The standard says:
step h:
  Set T to the empty sequence.
  while tlen < qlen
    V = HMAC_K(V)
    T = T || V
  k = bits2int(T)

in this case (HMAC-SHA256, qlen=256bit) this simplifies to
  V = HMAC_K(V)
  T = V
  k = bits2int(T)
and T can be omitted.

The old code (wrong) did:
  T = HMAC_K(V)
  k = bits2int(T)
Note that V will only be used again if the first k is out of range.
Thus, the old code produced the right result with a very high probability.
2015-01-30 22:34:37 +01:00
Pavol Rusnak
54aa5a4482 Merge pull request #20 from mackler/stddef-rand
Add `stdlib.h` to header.  Needed for `size_t`.
2015-01-28 09:47:21 +01:00
Adam Mackler
82ea549661 Add stdlib.h to header. Needed for size_t. 2015-01-27 21:44:48 -05:00
Adam Mackler
cb6f976b0d Remove unused static variable sha384_initial_hash_value. 2015-01-27 19:22:42 -05:00
Pavol Rusnak
aa1833ba3f add stdlib to header 2015-01-26 19:12:22 +01:00
Pavol Rusnak
f4e6010e18 implement BIP32 cache 2015-01-26 19:10:19 +01:00
Pavol Rusnak
40b023b1f4 Merge pull request #17 from dllaurence/embedded_header
Remove now-redundant embedded header
2015-01-26 00:29:30 +01:00
Dustin Laurence
1c672dca2b Remove now-redundant embedded header 2015-01-25 08:49:52 -08:00
Pavol Rusnak
5ce27a1e1a Merge pull request #16 from dllaurence/prototypes
Prototypes
2015-01-24 20:33:23 +01:00
Dustin Laurence
a16992a893 Add stdbool.h 2015-01-23 12:12:40 -08:00
Dustin Laurence
8ce1f34233 Add prototypes for private functions 2015-01-23 12:12:40 -08:00
Pavol Rusnak
d57d030362 Merge pull request #15 from dllaurence/finalize_rand
Finalize all open file descriptors
2015-01-23 19:11:19 +01:00
Dustin Laurence
ce67a85d39 Add finalize_rand() to prove we have no leaks 2015-01-23 06:05:38 -08:00
Dustin Laurence
661751ab4b Add finalize_rand() 2015-01-23 06:05:25 -08:00
Pavol Rusnak
fb747384a0 prepare cython-TrezorCrypto for pip release 2015-01-12 19:11:43 +01:00
Pavol Rusnak
5cd4531312 make constructor of cython HDNode struct more explicit 2015-01-11 20:05:40 +01:00
Pavol Rusnak
0331a1c454 first try of cythonizing the library 2015-01-11 16:43:07 +01:00
Pavol Rusnak
8c23d62c5e don't verify pubkey in xpubaddrgen 2015-01-11 02:56:33 +01:00
Pavol Rusnak
2880a2e3db add break condition to xpubaddrgen 2015-01-11 02:46:45 +01:00
Pavol Rusnak
9fea8f8ab3 more fixes to readme 2014-12-24 01:30:33 +01:00
Pavol Rusnak
27a496a370 README -> README.md 2014-12-24 01:27:20 +01:00
Pavol Rusnak
280310c8a0 add xpubaddrgen utility 2014-12-24 01:26:39 +01:00
Pavol Rusnak
795579cbac invert pby when normalizing S during signing 2014-12-23 18:13:33 +01:00
Pavol Rusnak
89a7d7797b replace base58 implementation 2014-12-23 03:11:58 +01:00
Pavol Rusnak
c6ca89a850 simplify check in hdnode_from_xpub 2014-12-20 00:50:26 +01:00
Pavol Rusnak
10a92c3c62 use const in hdnode_from_* methods 2014-12-13 19:54:01 +01:00
Pavol Rusnak
b4cdba8489 export pby from ecdsa_sign functions 2014-12-08 21:08:49 +01:00
Pavol Rusnak
9469a64a0a use bn_is_zero and bn_is_equal where possible 2014-11-17 17:17:14 +01:00
Pavol Rusnak
df3606dd5e introduce ecdsa_get_address_raw 2014-11-16 21:17:39 +01:00
Pavol Rusnak
c5d9b2ea2f remove forgotten declaration 2014-11-16 21:00:52 +01:00
Pavol Rusnak
f6560c7d13 split pbkdf2 into pbkdf2_hmac_sha256 and pbkdf2_hmac_sha512 2014-10-30 01:35:13 +01:00
Pavol Rusnak
ad8e618ed2 use $(CC) instead of gcc in Makefile 2014-08-11 02:04:42 +02:00
Pavol Rusnak
8820ae9873 add more checks for improbable cases; rework gui testing app 2014-08-07 18:35:54 +02:00
Pavol Rusnak
b9ed9a9cd4 don't include aescpp.h 2014-07-24 15:26:50 +02:00
Pavol Rusnak
5315f490a0 don't use AES_NI nor VIA_ACE 2014-07-17 20:15:14 +02:00
Pavol Rusnak
ffd2d69dd6 Merge pull request #12 from dllaurence/optional-tests
Make test build optional in CMake
2014-07-17 19:56:36 +02:00
Dustin Laurence
6cd85668a3 Make test build optional in CMake 2014-07-17 12:51:00 -05:00
Pavol Rusnak
7570ea8c0c update CMakeLists.txt 2014-07-17 16:59:14 +02:00
Pavol Rusnak
24beac2cc0 Merge pull request #11 from dllaurence/cmake-tests
Make CMakeLists.txt build tests
2014-07-17 16:38:39 +02:00
Pavol Rusnak
8f38acd48f Merge pull request #10 from dllaurence/fread-return
Test fread return value
2014-07-17 16:37:42 +02:00
Dustin Laurence
e0b083a0b0 Make CMakeLists.txt build tests 2014-07-16 13:41:29 -05:00
Dustin Laurence
3329b6b6aa Test fread return value 2014-07-16 08:06:15 -05:00
Pavol Rusnak
bb73936959 use more warnings from trezor-mcu 2014-07-07 21:34:54 +02:00
Pavol Rusnak
03a8925e0f rename BN_PRINT define to USE_BN_PRINT 2014-07-07 21:24:10 +02:00