1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-28 09:08:07 +00:00
Commit Graph

230 Commits

Author SHA1 Message Date
Christian Reitter
64281c69ce fix(crypto): fix incorrect sig buffer size 2022-01-07 14:54:52 +01:00
Andrew Kozlik
4882648dad fix(crypto): Treat point at infinity as an invalid public key in ecdsa_recover_pub_from_sig(). 2022-01-07 14:37:40 +01:00
Pavol Rusnak
c0510fc91e
build(crypto): make valgrind flag compatible with secp256k1-zkp (#2027)
Co-authored-by: Ondřej Vejpustek <ondrej.vejpustek@satoshilabs.com>
2021-12-20 15:19:14 +01:00
Christian Reitter
d1d3558d02 fix(crypto): revert to bitwise OR operator and silence warning 2021-12-09 14:31:52 +01:00
Christian Reitter
0c482173ab fix(crypto): use logical instead of bitwise operator
Discovered via clang-14 warnings for -Wbitwise-instead-of-logical
Closes https://github.com/satoshilabs/trezor-firmware/issues/129
2021-12-09 14:31:52 +01:00
Martin Milata
cace42c6e9 fix(crypto/test): fix uninitialized variable use
tests/test_speed.c:61:3: error: ‘sk’ may be used uninitialized [-Werror=maybe-uninitialized]
   61 |   ed25519_publickey(sk, pk);
tests/test_speed.c:145:3: error: ‘sk’ may be used uninitialized [-Werror=maybe-uninitialized]
  145 |   ed25519_publickey(sk, pk);
2021-12-06 16:25:59 +01:00
Christian Reitter
91dd21b561 fix(crypto): clarify incorrect base58.c code comment 2021-12-01 18:09:52 +01:00
Ondřej Vejpustek
a4e13cb6e4 fix(crypto): assign NULL to zkp_context after is is destroyed 2021-11-29 14:16:42 +01:00
Ondřej Vejpustek
f1ebe8f23e refactor(crypto): expose zkp_context_is_initialized 2021-11-29 14:16:42 +01:00
Pavol Rusnak
7cd27cf1d6 fix(crypto): fix wrong input handling in mktable
[no changelog]
2021-11-19 23:10:34 +01:00
Andrew Kozlik
1f4573905f feat(crypto): Add TapSigHash to Hasher. 2021-11-18 22:39:32 +01:00
Ondřej Vejpustek
2e4884199b build(crypto): build secp256k1-zkp with flags needed by sanitizers 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
71b12a2a71 refactor(crypto): make secp256k1_context_writable_randomize() return status 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
ad38d8e324 refactor(crypto,core): make zkp_context_init() return status 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
ec808050ba refactor(crypto): return error from ecdsa routines on unexpected curve 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
3612620268 build(crypto,core): make secp256k1-zkp context as small as possible 2021-11-18 19:05:40 +01:00
Andrew Kozlik
85ff3682c9 test(crypto): Add BIP-341 test vectors. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
3f5c11a919 test(crypto): Add unit test for BIP340 tweak. 2021-11-13 13:33:46 +01:00
Andrew Kozlik
4a6bd14993 feat(crypto): Add key tweaking functions to zkp_bip340.c. 2021-11-13 13:33:46 +01:00
matejcik
ea0dcff548 feat(crypto): support all bip39 lengths in mnemonic_to_bits 2021-11-10 13:57:57 +01:00
matejcik
80e4b27f09 feat(crypto/cardano): implement Cardano Ledger derivation 2021-11-10 13:57:57 +01:00
matejcik
1174648777 refactor(crypto): extract Cardano derivations to separate file
Changes the API: all Cardano derivations will now produce a 96-byte
secret in the format of private_key + private_key_ext + chain_code.
This can then be trivially converted to a HDNode.
2021-11-10 13:57:57 +01:00
Ondřej Vejpustek
f96e737ef5 fix(crypto): fix undefined behaviour of IS_ALIGNED_64 macro 2021-11-08 17:38:51 +01:00
2128675309
684e0c886d feat(crypto): add big endian support 2021-11-04 20:38:52 +01:00
Andrew Kozlik
eb90efd914 chore(crypto,core,legacy): Add return code to hdnode_fill_public_key().
[no changelog]
2021-11-01 16:39:53 +01:00
Andrew Kozlik
307d166383 fix(crypto): Clean up stack in ed25519.c. 2021-11-01 16:39:53 +01:00
Andrew Kozlik
34621a6b6d fix(crypto,core,legacy): Check private key validity when deriving public key.
[no changelog]
2021-11-01 16:39:53 +01:00
Andrew Kozlik
5d03110a42 fix(crypto): Treat edge cases in ecdsa_sign_digest() same as ecdsa_verify_digest() does. 2021-11-01 16:39:53 +01:00
Ondřej Vejpustek
05ae15bcb6 build(crypto): use precomputed context for secp256k1-zkp 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
dbfc7d241f chore(vendor,crypto): bump version of secp256k1-zkp 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
4026987353 refactor(crypto): remove useless variable in zkp_context.c 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
273d6d14cc refactor(crypto): propagate error from zkp_context_acquire_writable() 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
29ce860d46 refactor(core,crypto): rename schnorr to BIP340 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
15bb085509 refactor(core,crypto): make public key derivation functions return
status
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
61143edb4d test(crypto): add tests for Schnorr signatures 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
1dad7fe7c5 feat(crypto): add wrapers for BIP-340 compatible Schnorr signatures from secp256k1_zkp 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
f2459e335d test(crypto): add tests for get_public_key{33,65} 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
79153135b7 test(crypto): add ecdsa tests for secp256k1_zkp 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
aca37e5eb2 refactor(crypto): make helper function for ecdsa_recover_pub_from_sig and
ecdsa_verify_digest
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
3cd2e89fbc refactor(crypto): split test_ecdsa_signature into two tests 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
d2f8f4b021 feat(crypto): add wrappers for ecdsa from secp256k1_zkp 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
75e61da70b feat(crypto): implement randomizable secp256k1_zkp context 2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
6bee78af19 feat(crypto): compile crypto with secp256k1_zkp 2021-10-25 14:41:28 +02:00
Pavol Rusnak
d34b1636ee feat(crypto): add BIP-350 test cases to test_check_segwit 2021-10-18 13:36:05 +02:00
Pavol Rusnak
86ea94d06b fix(crypto): remove 3 BIP-173 test cases from segwit_addr
because they encode segwit program > 0 and these should no longer
be encoded with Bech32 but rather with Bech32m
2021-10-18 13:36:05 +02:00
Pavol Rusnak
60bd59fbad feat(crypto): update segwit_addr to support Bech32m 2021-10-18 13:36:05 +02:00
arbitrarylink
f051225730 feat(core,legacy): add support for Ethereum 64-bit chain_id
* Changes from original PR

* Now that we are rejecting chain_ids of 0, we need to have the tests set the chain_ids to at least 1.

* Ran 'make gen' and uploaded changed files.

* Ran make style_check and fixed reported errors

* Added changelog files

* Reverted changes concerning chain_id 0 being rejected.

* Adds tests for MAX_CHAIN_ID and MAX_CHAIN_ID+1.  Also reverts MAX_CHAIN_ID to the previous value.

* Added missing whitespace around arithmetic operator.

Co-authored-by: Michael Hatton <michaelhatton@Michaels-Mini.fios-router.home>
2021-09-10 15:09:03 +02:00
Ondřej Vejpustek
4827969cc8 fix(crypto): unify function headers in sha2.c and sha2.h 2021-09-08 14:00:02 +02:00
Ondřej Vejpustek
10bc747dc6 fix(crypto): fix argument type of ed25519_hram() 2021-09-08 14:00:02 +02:00
Christian Reitter
ba8eb408ea crypto: new iteration of fuzz testing code, improved dictionary script, minor documentation changes 2021-08-05 17:03:04 +02:00
Christian Reitter
78f879aaf1 crypto: improve fuzz testing code, harnesses, documentation and scripts 2021-08-05 17:03:04 +02:00
Andrew Kozlik
c1843f9f9f style(legacy): Remove nested conditional operators. 2021-07-22 10:54:49 +02:00
Pavol Rusnak
f740515c85 fix(core,crypto): add more test cases from bip-173 2021-07-21 11:20:11 +02:00
Andrew Kozlik
ce18f4bc8a test(crypto): Add progressive tests for hash functions. 2021-06-11 20:22:42 +02:00
Andrew Kozlik
b2cc3bcb36 fix(crypto): Fix incorrect handling of empty input in blake256_Update(). 2021-06-11 20:22:42 +02:00
Adam R
c4bf522b31
feat(crypto): add extra BIP32 test (test vector #4) (#1646) 2021-06-03 15:37:23 +02:00
Ondřej Vejpustek
e1a5f42c81 feat(core): make chacha_drbg more robust 2021-05-21 13:42:53 +02:00
Pavol Rusnak
b04d5bd514 fix(crypto): use ck_assert_uint_eq where we compare unsigned values 2021-05-13 14:13:56 +02:00
xloem
e821104237
fix(crypto): update case of windows.h (#1560)
When building for windows on a case-sensitive system, mingw always comes with a lower-case windows.h
2021-04-08 14:16:23 +02:00
Fabien
9ef26c347e Add support for Schnorr crypto (BCH variant)
Support Schnorr signature and verification defined in
https://github.com/bitcoincashorg/bitcoincash.org/blob/master/spec/2019-05-15-schnorr.md.

The implementation is based on https://github.com/Bitcoin-ABC/secp256k1
as well as the test vectors.
2021-03-09 14:22:56 +01:00
Pavol Rusnak
d6d1cd7b4c style(crypto): cleanup unused functions 2021-03-09 13:21:34 +01:00
Pavol Rusnak
93215ae3c7 style: reformat with clang-format 11 2021-01-04 14:40:16 +01:00
Rafael Korbas
edf9b4ee85 Refactor mnemonic_to_entropy to not (misleadingly) return checksum 2020-12-19 20:17:16 +01:00
Andrew Kozlik
b90ce7f2fc test(crypto): Add unit tests for ecdsa_sig_from_der(). 2020-12-17 16:33:33 +01:00
Andrew Kozlik
9f6d4ec538 chore(crypto): Implement DER signature parsing. 2020-12-17 16:33:33 +01:00
Pavol Rusnak
78be2c9cac fix(crypto): fix build on clang/arm64 2020-12-17 00:09:47 +01:00
Andrew Kozlik
acf7294ca2 test(crypto): Add more unit tests for invalid T9 prefix in SLIP39 word lookup. 2020-12-15 13:41:42 +01:00
Andrew Kozlik
55f3df6b0c chore(crypto): Rework SLIP-39 word lookup. 2020-12-15 13:41:42 +01:00
Andrew Kozlik
e3afd984ae test(crypto): Add SLIP39 word completion test. 2020-12-15 13:41:42 +01:00
Andrew Kozlik
e615fc6263 chore(crypto): Rename wordlist to slip39_wordlist and add include guards. 2020-12-15 13:41:42 +01:00
Andrew Kozlik
7fc1851279 fix(crypto): Improve naming and robustness of SLIP39's T9 mask lookup. 2020-12-15 13:41:42 +01:00
Andrew Kozlik
c5f26beeea fix(crypto): Fix undefined behavior in xmr_read_varint(). 2020-12-03 20:05:05 +01:00
Andrew Kozlik
dab353f888 test(crypto): Test signature verification for a digest which is equal to the group order. 2020-12-02 17:11:29 +01:00
Andrew Kozlik
fed59ec770 fix(crypto): In ecdsa_verify_digest() allow the digest to be equal to the order of the group. 2020-12-02 17:11:29 +01:00
Pavol Rusnak
50fdd183c2
ci: enable editorconfig checks, fix whitespace issues 2020-11-11 14:43:50 +01:00
Andrew Kozlik
7ae338bd87 chore(crypto): Improve comments and error handling in ecdsa_verify_digest(). 2020-10-23 15:05:07 +02:00
Andrew Kozlik
c67ecb984b chore(crypto): Move XPUB_MAXLEN and ADDRESS_MAXLEN from modtrezorcrypto to bip32.h. 2020-10-13 13:13:49 +02:00
Andrew Kozlik
5429acdb7f
crypto: fix undefined behavior in shamir unbitslice (#1219) 2020-08-24 14:25:43 +02:00
Christian Reitter
676ac1571a crypto: add fuzz testing harnesses and documentation 2020-07-07 14:41:10 +02:00
Ondřej Vejpustek
9598d17f10 crypto: make bn_format faster 2020-06-26 12:29:21 +02:00
Ondřej Vejpustek
015c294857 crypto/tests: parametrize test_bn_format 2020-06-26 12:29:21 +02:00
Ondřej Vejpustek
e630279487 crypto: fix comment 2020-06-17 18:56:03 +02:00
Ondřej Vejpustek
76849f0bd6 crypto: make ecdsa_recover_pub_from_sig faster 2020-06-17 18:56:03 +02:00
Ondřej Vejpustek
24ceb0ab6b crypto/bignum: change limb size to 29, add tests 2020-05-24 14:36:38 +00:00
Andrew Kozlik
3843f917e9 crypto: Check for invalid characters in Monero Base58 decode. 2020-05-24 14:36:37 +00:00
Andrew Kozlik
20dd1ddc60 crypto: Fix buffer overflow in b58tobin. 2020-05-24 14:36:37 +00:00
Ondřej Vejpustek
4504469e80 crypto: add tests for chacha_drbg 2020-04-16 11:51:28 +02:00
Ondřej Vejpustek
d5bfe6b32f crypto: add chacha_drbg 2020-04-16 11:51:28 +02:00
Pavol Rusnak
ff706eb70b
crypto: split hdnode_deserialize into hdnode_deserialize_{public,private} 2020-04-06 16:28:02 +00:00
Pavol Rusnak
b5446bd125
crypto: fix last commit 2020-02-17 19:16:54 +00:00
Pavol Rusnak
1859b5b588
crypto: update bip39bruteforce.c to segwit-in-p2sh 2020-02-17 19:01:43 +00:00
Ondřej Vejpustek
e7a81560f1
crypto: derive public key in hdnode_sign only for supported ed25519 curves 2020-01-18 15:18:03 +00:00
Pavol Rusnak
76eefd026f
all: let's use -Wno-missing-braces because clang does not respect
initialization of structs with = {0};
2019-10-11 09:59:32 +02:00
Ondřej Vejpustek
11aa654abc
crypto: explicitly initialize variable length arrays 2019-10-09 17:05:34 +02:00
Ondřej Vejpustek
fdad317d8c
crypto: explicitly initialize variables 2019-10-09 17:05:33 +02:00
Pavol Rusnak
8eee90fd9a
crypto: sync base58.c with upstream 2019-09-29 08:46:21 +00:00
Pavol Rusnak
78041d261b
crypto: refactor bip39 api 2019-09-23 17:56:36 +02:00
Pavol Rusnak
b3c58e4a17
git subrepo pull crypto
subrepo:
  subdir:   "crypto"
  merged:   "915b3dbbb"
upstream:
  origin:   "git+ssh://git@github.com/trezor/trezor-crypto"
  branch:   "master"
  commit:   "915b3dbbb"
git-subrepo:
  version:  "0.4.0"
  origin:   "https://github.com/ingydotnet/git-subrepo"
  commit:   "5d6aba9"
2019-09-12 11:52:12 +02:00
Pavol Rusnak
db86092319
crypto: fix valgrind issue with ed25519-donna, clean local variables 2019-08-30 17:21:15 +02:00
Marius Kjærstad
1d6ea33ec6 docs: switch http to https in links (#419) 2019-08-16 17:28:15 +02:00
Andrew Kozlik
217c910b4b cardano: Implement SLIP-0023 and add SLIP-0039 support for Cardano. 2019-07-25 19:43:05 +02:00
Tomas Susanka
49d6a35249 core: add slip39 keyboard 2019-06-23 21:33:58 +02:00
Pavol Rusnak
54d348228f
all: rename TREZOR to Trezor where possible 2019-06-17 20:28:29 +02:00
Andrew Kozlik
013929de0b crypto/hmac_drbg: Fix buffer overflow. 2019-06-11 11:41:40 +02:00
Andrew Kozlik
d95756ccf3 crypto/hmac_drbg: Fix style. 2019-06-11 11:41:40 +02:00
Andrew Kozlik
1d9e125fd4 crypto/rfc6979: Use the new HMAC DRBG implementation in rfc6979.c. Remove code duplication between rfc6979.c and ecdsa.c. 2019-06-11 11:41:40 +02:00
Andrew Kozlik
b915092a44 crypto/hmac_drbg: Add nonce parameter to hmac_drbg_init(). 2019-06-11 11:41:40 +02:00
Andrew Kozlik
7c44340c40 crypto: Add HMAC deterministic random bit generator and unit tests. 2019-06-11 11:41:40 +02:00
Pavol Rusnak
f7053d96fe
all: remove extraneous whitespace 2019-05-26 22:20:14 +02:00
Pavol Rusnak
cc2acb2e67
Revert "crypto: add support for schnorr signatures"
This reverts commit 8114e0f9fc.
2019-05-23 20:15:30 +02:00
matejcik
9b168daa19 style: improve makefile output, format test files 2019-05-13 18:00:43 +02:00
Andrew Kozlik
025974a97d crypto/shamir: Memzero stack variables even in performace critical functions. 2019-05-03 14:18:54 +02:00
Andrew Kozlik
223868f552 crypto/shamir: Fix edge case when shamir_interpolate() is called with duplicate share indices which are equal to the result index. 2019-05-02 18:44:56 +02:00
Andrew Kozlik
48a98efc58 crypto/shamir: Reorder #includes. 2019-04-29 12:04:31 +02:00
Andrew Kozlik
e631983d6d Merge remote-tracking branch 'origin/master' into andrewkozlik/slip0039 2019-04-29 11:29:54 +02:00
Tomas Susanka
24bd4f84da ci: gitlab init
Lot of things are missing, this is to at least have something in master. Todo:
- add legacy, python and storage tests
- fix crypto
- cache
- pass builds from build stage to tests using artefacts

and many others
2019-04-23 15:57:24 +02:00
Tomas Susanka
456d98ac03 all: style 2019-04-23 14:41:59 +02:00
armatusmiles
8114e0f9fc
crypto: add support for schnorr signatures 2019-04-22 00:52:50 +02:00
Tomas Susanka
1995169255 crypto: style 2019-04-19 16:36:39 +02:00
Pavol Rusnak
8b06598474
core+legacy: rework code styling checks 2019-04-18 17:40:55 +02:00
Andrew Kozlik
ccb169e39e crypto/shamir: Add copyright. 2019-04-18 15:11:54 +02:00
Andrew Kozlik
1ee831f50c Merge remote-tracking branch 'origin/master' into andrewkozlik/slip0039 2019-04-18 14:59:05 +02:00
Andrew Kozlik
c073d68a2d crypto/shamir: Improve error handling. 2019-04-18 14:35:18 +02:00
Pavol Rusnak
e7592a4c04
nix: consolidate various shell.nix files into one 2019-04-18 00:26:04 +02:00
Andrew Kozlik
1b3c0e0243 crypto/tests: Add unit tests for Shamir secret sharing. 2019-04-17 17:28:34 +02:00
Kurotych Anatolii
23bfb31ad2 crypto/ecdsa: add compress_coords (#42) 2019-04-17 12:19:01 +02:00
Andrew Kozlik
0d21bca288 crypto: Move Shamir secret sharing to trezor-crypto. 2019-04-17 11:26:16 +02:00
Pavol Rusnak
be76dcc96a
toplevel: reorganize .gitignore files 2019-04-17 00:05:24 +02:00
matejcik
fd2829a27b MONOREPO SUBREPO FILES 2019-04-15 19:15:14 +02:00
matejcik
4e0d813269 MONOREPO MERGE trezor-crypto 2019-04-15 19:14:52 +02:00