Alex Beregszaszi
d061139da9
bignum: introduce load uint32/uint64
2016-08-26 12:12:54 +01:00
Alex Beregszaszi
339d2f44a9
bignum: introduce is_even/is_odd
2016-08-26 12:12:54 +01:00
Alex Beregszaszi
dd25a2ee5a
bignum: introduce copy
2016-08-26 01:08:55 +01:00
Alex Beregszaszi
62a0db8c4e
bignum: introduce read/write_le
2016-08-25 23:18:24 +01:00
Alex Beregszaszi
ec316b6afc
tests: add bn_is_equal
2016-08-25 23:07:28 +01:00
Alex Beregszaszi
8eebfb1986
tests: add bn_write_be
2016-08-25 22:51:34 +01:00
Alex Beregszaszi
d890f4d859
tests: include bn_read_be
2016-08-25 22:48:06 +01:00
Jochen Hoenicke
f4ed55377d
Moved get_ethereum_address from ecdsa to bip32
...
The new name of the function is `hdnode_get_ethereum_address`
and it gets a hdnode as input as opposed to a public key. This
also avoids first computing the compressed public key and then
uncompressing it.
Test cases were adapted to work with new function. The test-vectors
are the same as for bip32 and independently checked with an adhoc
python implementation.
2016-08-18 16:21:33 +02:00
Jochen Hoenicke
d8e17d5d4d
Test cases for sha256 and sha512
2016-07-13 22:17:58 +02:00
Pavol Rusnak
dc167592d5
increase timeout in test_codepoints
2016-07-04 17:32:02 +02:00
Pavol Rusnak
ab81351de1
Merge pull request #61 from jhoenicke/master
...
Compute pubkey only on demand.
2016-07-04 17:28:18 +02:00
Pavol Rusnak
d61a151900
add bn_divmod1000 including unit test
2016-06-28 20:05:01 +02:00
Jochen Hoenicke
3390fcf89e
Compute pubkey only on demand.
...
Remove fingerprint from hdnode structure (if you need it, call
hdnode_fingerprint on the parent hdnode).
Only compute public_key, when hdnode_fill_public_key is called.
2016-06-27 10:13:10 +02:00
Alex Beregszaszi
ec7bea4308
Add tests for ecdsa_get_ethereum_pubkeyhash()
2016-06-13 22:18:40 +01:00
Alex Beregszaszi
ca2fcbf3e3
Add tests for ecdsa_uncompress_pubkey()
2016-06-13 21:59:52 +01:00
Pavol Rusnak
f60cd681f6
fix sign-compare warning
2016-05-16 16:42:34 +02:00
Pavol Rusnak
31e05edca7
add script parsing functions
2016-05-16 14:45:09 +02:00
Pavol Rusnak
242a5de275
simplify pbkdf2 (support only klen == hashlen) and split it
2016-05-01 01:18:50 +02:00
Pavol Rusnak
5c4e131ada
add speed benchmark (secp256k1 vs ed25519)
2016-04-26 02:15:07 +02:00
Pavol Rusnak
91c64858d0
Merge pull request #57 from jhoenicke/master
...
Added Unit test, fixed one corner case.
2016-04-26 01:03:46 +02:00
Pavol Rusnak
0054893b60
add test speed for nist256p1 curve as well
2016-04-26 00:17:45 +02:00
Jochen Hoenicke
7b07dff25c
Added Unit test, fixed one corner case.
2016-04-25 22:55:30 +02:00
Pavol Rusnak
0590192536
add testcase for ed25519
2016-04-25 17:46:01 +02:00
Jochen Hoenicke
295a493846
Test vectors for ed25519 + BIP-0032 / SLIP-0010
2016-04-23 23:44:01 +02:00
Jochen Hoenicke
55edf71e27
ed25519 support
2016-04-22 18:21:58 +02:00
Jochen Hoenicke
698f40f385
BIP-32 without gaps, prepare non-ecdsa curves
...
* Split ecdsa_curve into curve_info and ecdsa_curve to support bip32 on
curves that don't have a ecdsa_curve.
* Don't fail in key derivation but retry with a new hash.
* Adapted test case accordingly
2016-04-22 17:43:15 +02:00
Jochen Hoenicke
16ff4387ae
New test case for a bip32 hole in nist256
2016-04-20 20:35:22 +02:00
Jochen Hoenicke
d577410fc4
Unit tests for the NIST256P1 curve
2016-04-20 15:13:40 +02:00
Jochen Hoenicke
b34be66a9c
Updated tests
2016-04-20 10:43:53 +02:00
Pavol Rusnak
9a8e982153
implement bip39 cache
2016-01-19 15:11:57 +01:00
251
1d7fb4e38f
Fixes a bug in the test_pbkdf2_hmac_sha256 test.
...
This bug fix sets the length of the derived key in the last test_pbkdf2_hmac_sha256 test to 40 bytes to fix a buffer overflow, which is caused by the call to the pbkdf2_hmac_sha256 function, on the memory reserved by the local variable k.
2015-09-21 23:51:10 +02:00
Jochen Hoenicke
e1347fcdf8
New Unit Tests
...
- Added unit tests for the NIST curve.
- Fix some missing bn_mod in unit tests.
- New tests for tricky 2 (2j+1) 2^{4i} exponents.
2015-08-05 21:42:40 +02:00
Jochen Hoenicke
6ba4d288b0
Cleaned up bignum code
...
1. Fixed bn_multiply_step to handle small primes.
2. Removed many calls to bn_mod to prevent side-channel leakage.
2015-08-05 19:36:30 +02:00
Roman Zeyde
0164137786
tests: fix signedness error
2015-07-29 21:49:00 +03:00
Roman Zeyde
7c58fc11a4
Add support for NIST256P1 elliptic curve
...
This enables SSH ECDSA public key authentication.
2015-06-26 10:33:14 +03:00
Pavol Rusnak
00954da5fe
fix /dev/urandom problem
2015-05-04 19:53:06 +02:00
Pavol Rusnak
21d0bb437a
cleanup coding style
2015-04-13 18:19:33 +02:00
Pavol Rusnak
f1b8f55d92
use curly braces in if block
2015-04-11 20:01:45 +02:00
Jochen Hoenicke
c90f79bce2
Added new tests for point multiplication
2015-04-11 13:12:03 +02:00
Jochen Hoenicke
1700caf2ad
scalar_mult based on Jacobian representation
...
This version of scalar_mult should be faster and much better
against side-channel attacks. Except bn_inverse and bn_mod
all functions are constant time. bn_inverse is only used
in the last step and its input is randomized. The function
bn_mod is only taking extra time in 2^32/2^256 cases, so
in practise it should not occur at all. The input to bn_mod
is also depending on the random value.
There is secret dependent array access in scalar_multiply,
so cache may be an issue.
2015-03-17 19:18:34 +01:00
Pavol Rusnak
cb9ccc5cf4
remove all references to USE_PUBKEY_VALIDATE
2015-03-12 15:53:41 +01:00
Pavol Rusnak
92ab7504b2
add one more bip32_cache test
2015-03-04 15:43:14 +01:00
Pavol Rusnak
f4e6010e18
implement BIP32 cache
2015-01-26 19:10:19 +01:00
Dustin Laurence
1c672dca2b
Remove now-redundant embedded header
2015-01-25 08:49:52 -08:00
Pavol Rusnak
89a7d7797b
replace base58 implementation
2014-12-23 03:11:58 +01:00
Pavol Rusnak
b4cdba8489
export pby from ecdsa_sign functions
2014-12-08 21:08:49 +01:00
Pavol Rusnak
f6560c7d13
split pbkdf2 into pbkdf2_hmac_sha256 and pbkdf2_hmac_sha512
2014-10-30 01:35:13 +01:00
Dustin Laurence
e0b083a0b0
Make CMakeLists.txt build tests
2014-07-16 13:41:29 -05:00
Pavol Rusnak
bb73936959
use more warnings from trezor-mcu
2014-07-07 21:34:54 +02:00
Pavol Rusnak
0fe1857513
normalize y^2 in pubkey validation
...
fix last commit
2014-07-07 21:11:25 +02:00