Pavol Rusnak
c962d3520b
Merge branch 'release/22.08'
2022-08-22 11:10:45 +02:00
Pavol Rusnak
cba74272e1
chore(crypto): remove graphene base58 functions as they are not used anywhere
...
[no changelog]
2022-08-08 12:02:01 +02:00
Andrew Kozlik
fa5e7feda6
fix(crypto): Fix nonce bias in CoSi signing.
2022-08-02 20:38:04 +02:00
matejcik
fcd43b93ac
feat(crypto): add thousands separator to bn_format
2022-08-02 20:35:49 +02:00
Andrew Kozlik
d19af9896b
refactor(crypto): Apply formatting to Monero code.
2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
e0358c7f24
fix(crypto): fix required output length in xmr_base58_encode()
2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
7a5cfbae19
fix(crypto): set output length correctly in xmr_base58_encode()
2022-07-14 15:47:54 +02:00
Andrew Kozlik
81c9cd66ef
fix(crypto): Set output length correctly in xmr_base58_decode().
2022-07-14 15:47:54 +02:00
Ondřej Vejpustek
f4d0dd9807
fix(crypto): initialize local variables to zero in ed25519-dona
2022-07-08 16:01:18 +02:00
Andrew Kozlik
c0cf84c03d
refactor(crypto): Reduce code duplication in ed25519.c.
2022-07-07 18:47:33 +02:00
Andrew Kozlik
093fbecb7a
refactor(crypto): Clean up ed25519_publickey_ext() API.
2022-07-07 18:47:33 +02:00
Andrew Kozlik
b1bee00a3a
fix(crypto): Fix bip39 out of bounds read.
2022-07-04 14:10:39 +02:00
matejcik
8c3d3c6548
chore: bump black to 22.3
...
changes:
* exponent operator ** now allows no spaces around itself: https://github.com/psf/black/issues/538
* optional unicode marker u"" is no longer allowed
[no changelog]
2022-06-29 14:35:16 +02:00
Andrew Kozlik
892f3e348d
fix(crypto): Remove public key from the ed25519 signing API.
...
[no changelog]
2022-06-27 18:59:08 +02:00
matejcik
38a36a131f
chore: rename BIP39_WORDS to BIP39_WORD_COUNT
2022-06-01 16:35:33 +02:00
matejcik
dfa4b1d9a1
build: add bip39_english.o where appropriate
...
[no changelog]
2022-06-01 16:35:33 +02:00
matejcik
61adb0a62b
feat(crypto): expose BIP39 wordlist
2022-06-01 16:35:33 +02:00
matejcik
e98464d2c8
build(crypto): make clang version cross-platform compatible
2022-06-01 16:35:33 +02:00
Ondřej Vejpustek
bdfc453245
refactor(crypto): remove code that is duplicated in secp256k1-zkp submodule
2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
53d522a1fd
fix(crypto): reduce digest in RFC6979 to match specification
2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
ea5886026f
refactor(crypto,legacy): extend parameters of init_rfc6979 by curve
2022-05-16 16:23:18 +02:00
Ondřej Vejpustek
db0da196a8
chore(vendor): update secp256k1-zkp to latest
2022-05-16 16:23:18 +02:00
Dusan Klinec
e69467bc04
chore(crypto): drop support for Monero range proof
2022-05-16 12:37:24 +02:00
Pavol Rusnak
8f1d33d5f9
build(core,legacy): remove gcc, use cc instead of gcc
...
for firmware builds we still use arm-none-eabi-gcc via $(PREFIX)gcc
[no changelog]
2022-04-27 15:48:14 +02:00
Ondřej Vejpustek
8356d0a572
fix(crypto): use zero auxiliary data in BIP340
2022-04-12 16:22:42 +02:00
Christian Reitter
420a031a32
docs(crypto): document fuzzer dictionary export format
2022-04-01 15:31:38 +02:00
Christian Reitter
49f2c5e7ea
feat(crypto): clear internal BIP32 & BIP39 caches
2022-04-01 15:31:38 +02:00
Christian Reitter
dbc070976e
feat(crypto): adapt to schnorr function removal
2022-04-01 15:31:38 +02:00
Christian Reitter
b9a3a73c27
feat(crypto): improved clang version checks, remove duplicate, adapt to refactor
...
Makefiles do not natively support compiler version checks, so some
shell-based tricks have to be used instead.
The ethereum_address_checksum() function changed, adapt input length.
2022-04-01 15:31:38 +02:00
Christian Reitter
cf3c57d0ae
feat(crypto): improve trezor-crypto fuzzer, add new dictionary extraction program
...
Introduce fuzzing harnesses for zkp* functions and adapt some differential fuzzing
Additional documentation and minor cleanup
Add temporary workaround for clang-14 and more explicit Makefile behavior
2022-04-01 15:31:38 +02:00
Christian Reitter
47a05720aa
docs(crypto): update fuzzer documentation
2022-04-01 15:31:38 +02:00
Christian Reitter
18192e8eb2
feat(crypto): small fuzzer improvements
...
change mnemonic_to_bits() approach, fuzz mnemonic_to_seed(), minor code fixes
2022-04-01 15:31:38 +02:00
Christian Reitter
052a860afc
feat(crypto): fuzz mnemonic_from_data()
2022-04-01 15:31:38 +02:00
Christian Reitter
5564251920
feat(crypto): improve fuzzer secp256k1-zkp integration, add build workaround and sanitizer optimization, minor renaming
2022-04-01 15:31:38 +02:00
Christian Reitter
aee864c7ee
feat(crypto): improve fuzz testing code, documentation
2022-04-01 15:31:38 +02:00
Pavol Rusnak
d2044d29b6
fix(crypto): add missing license to crypto/chacha20poly1305
...
[no changelog]
2022-03-16 10:54:15 +01:00
matejcik
2ce1e6ba7d
feat(crypto): API for clearing internal caches
2022-02-16 15:21:32 +01:00
Ondřej Vejpustek
146c1fe721
test(crypto): add tests for zkp_bip340_verify_publickey
2022-02-16 10:25:15 +01:00
Pavol Rusnak
ea6b005003
feat(legacy): verify bip340 pubkeys used in p2tr addresses
2022-02-16 10:25:15 +01:00
Ondřej Vejpustek
27d5bf1573
revert(crypto): remove BCH Schnorr signatures
...
This reverts commit 9ef26c347e
.
2022-01-31 13:56:06 +01:00
Andrew Kozlik
d6fdadf673
feat(crypto): Sanitize undefined behavior.
2022-01-19 15:22:03 +01:00
Andrew Kozlik
56126b75a7
ci: Use address sanitizer in CI.
...
[no changelog]
2022-01-19 15:22:03 +01:00
Pavol Rusnak
2880a2fa33
fix(crypto): refactor ethereum_address_checksum to prepend "0x" ( #2029 )
...
[no changelog]
2022-01-12 21:00:54 +01:00
Andrew Kozlik
8baf1ca79f
fix(crypto): Fix out of bounds read in ecdsa_sig_to_der().
...
[no changelog]
2022-01-11 17:29:53 +01:00
Christian Reitter
525bbab165
tests(crypto): update wycheproof testcase source and parsing
...
The JSON schema of the test cases has slightly changed.
The "curve" field has moved to the "testGroups" level and the X25519 algorithm has been renamed,
which requires adjustments in the parsing code.
A duplicate definition of "ecdh_vectors" has also been removed.
2022-01-07 16:55:24 +01:00
Christian Reitter
176b12762f
fix(crypto): fix expected_sig buffer handling
2022-01-07 14:54:52 +01:00
Christian Reitter
64281c69ce
fix(crypto): fix incorrect sig buffer size
2022-01-07 14:54:52 +01:00
Andrew Kozlik
4882648dad
fix(crypto): Treat point at infinity as an invalid public key in ecdsa_recover_pub_from_sig().
2022-01-07 14:37:40 +01:00
Pavol Rusnak
c0510fc91e
build(crypto): make valgrind flag compatible with secp256k1-zkp ( #2027 )
...
Co-authored-by: Ondřej Vejpustek <ondrej.vejpustek@satoshilabs.com>
2021-12-20 15:19:14 +01:00
Christian Reitter
d1d3558d02
fix(crypto): revert to bitwise OR operator and silence warning
2021-12-09 14:31:52 +01:00
Christian Reitter
0c482173ab
fix(crypto): use logical instead of bitwise operator
...
Discovered via clang-14 warnings for -Wbitwise-instead-of-logical
Closes https://github.com/satoshilabs/trezor-firmware/issues/129
2021-12-09 14:31:52 +01:00
Martin Milata
cace42c6e9
fix(crypto/test): fix uninitialized variable use
...
tests/test_speed.c:61:3: error: ‘sk’ may be used uninitialized [-Werror=maybe-uninitialized]
61 | ed25519_publickey(sk, pk);
tests/test_speed.c:145:3: error: ‘sk’ may be used uninitialized [-Werror=maybe-uninitialized]
145 | ed25519_publickey(sk, pk);
2021-12-06 16:25:59 +01:00
Christian Reitter
91dd21b561
fix(crypto): clarify incorrect base58.c code comment
2021-12-01 18:09:52 +01:00
Ondřej Vejpustek
a4e13cb6e4
fix(crypto): assign NULL to zkp_context after is is destroyed
2021-11-29 14:16:42 +01:00
Ondřej Vejpustek
f1ebe8f23e
refactor(crypto): expose zkp_context_is_initialized
2021-11-29 14:16:42 +01:00
Pavol Rusnak
7cd27cf1d6
fix(crypto): fix wrong input handling in mktable
...
[no changelog]
2021-11-19 23:10:34 +01:00
Andrew Kozlik
1f4573905f
feat(crypto): Add TapSigHash to Hasher.
2021-11-18 22:39:32 +01:00
Ondřej Vejpustek
2e4884199b
build(crypto): build secp256k1-zkp with flags needed by sanitizers
2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
71b12a2a71
refactor(crypto): make secp256k1_context_writable_randomize() return status
2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
ad38d8e324
refactor(crypto,core): make zkp_context_init() return status
2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
ec808050ba
refactor(crypto): return error from ecdsa routines on unexpected curve
2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
3612620268
build(crypto,core): make secp256k1-zkp context as small as possible
2021-11-18 19:05:40 +01:00
Andrew Kozlik
85ff3682c9
test(crypto): Add BIP-341 test vectors.
2021-11-13 13:33:46 +01:00
Andrew Kozlik
3f5c11a919
test(crypto): Add unit test for BIP340 tweak.
2021-11-13 13:33:46 +01:00
Andrew Kozlik
4a6bd14993
feat(crypto): Add key tweaking functions to zkp_bip340.c.
2021-11-13 13:33:46 +01:00
matejcik
ea0dcff548
feat(crypto): support all bip39 lengths in mnemonic_to_bits
2021-11-10 13:57:57 +01:00
matejcik
80e4b27f09
feat(crypto/cardano): implement Cardano Ledger derivation
2021-11-10 13:57:57 +01:00
matejcik
1174648777
refactor(crypto): extract Cardano derivations to separate file
...
Changes the API: all Cardano derivations will now produce a 96-byte
secret in the format of private_key + private_key_ext + chain_code.
This can then be trivially converted to a HDNode.
2021-11-10 13:57:57 +01:00
Ondřej Vejpustek
f96e737ef5
fix(crypto): fix undefined behaviour of IS_ALIGNED_64 macro
2021-11-08 17:38:51 +01:00
2128675309
684e0c886d
feat(crypto): add big endian support
2021-11-04 20:38:52 +01:00
Andrew Kozlik
eb90efd914
chore(crypto,core,legacy): Add return code to hdnode_fill_public_key().
...
[no changelog]
2021-11-01 16:39:53 +01:00
Andrew Kozlik
307d166383
fix(crypto): Clean up stack in ed25519.c.
2021-11-01 16:39:53 +01:00
Andrew Kozlik
34621a6b6d
fix(crypto,core,legacy): Check private key validity when deriving public key.
...
[no changelog]
2021-11-01 16:39:53 +01:00
Andrew Kozlik
5d03110a42
fix(crypto): Treat edge cases in ecdsa_sign_digest() same as ecdsa_verify_digest() does.
2021-11-01 16:39:53 +01:00
Ondřej Vejpustek
05ae15bcb6
build(crypto): use precomputed context for secp256k1-zkp
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
dbfc7d241f
chore(vendor,crypto): bump version of secp256k1-zkp
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
4026987353
refactor(crypto): remove useless variable in zkp_context.c
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
273d6d14cc
refactor(crypto): propagate error from zkp_context_acquire_writable()
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
29ce860d46
refactor(core,crypto): rename schnorr to BIP340
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
15bb085509
refactor(core,crypto): make public key derivation functions return
...
status
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
61143edb4d
test(crypto): add tests for Schnorr signatures
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
1dad7fe7c5
feat(crypto): add wrapers for BIP-340 compatible Schnorr signatures from secp256k1_zkp
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
f2459e335d
test(crypto): add tests for get_public_key{33,65}
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
79153135b7
test(crypto): add ecdsa tests for secp256k1_zkp
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
aca37e5eb2
refactor(crypto): make helper function for ecdsa_recover_pub_from_sig and
...
ecdsa_verify_digest
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
3cd2e89fbc
refactor(crypto): split test_ecdsa_signature into two tests
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
d2f8f4b021
feat(crypto): add wrappers for ecdsa from secp256k1_zkp
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
75e61da70b
feat(crypto): implement randomizable secp256k1_zkp context
2021-10-25 14:41:28 +02:00
Ondřej Vejpustek
6bee78af19
feat(crypto): compile crypto with secp256k1_zkp
2021-10-25 14:41:28 +02:00
Pavol Rusnak
d34b1636ee
feat(crypto): add BIP-350 test cases to test_check_segwit
2021-10-18 13:36:05 +02:00
Pavol Rusnak
86ea94d06b
fix(crypto): remove 3 BIP-173 test cases from segwit_addr
...
because they encode segwit program > 0 and these should no longer
be encoded with Bech32 but rather with Bech32m
2021-10-18 13:36:05 +02:00
Pavol Rusnak
60bd59fbad
feat(crypto): update segwit_addr to support Bech32m
2021-10-18 13:36:05 +02:00
arbitrarylink
f051225730
feat(core,legacy): add support for Ethereum 64-bit chain_id
...
* Changes from original PR
* Now that we are rejecting chain_ids of 0, we need to have the tests set the chain_ids to at least 1.
* Ran 'make gen' and uploaded changed files.
* Ran make style_check and fixed reported errors
* Added changelog files
* Reverted changes concerning chain_id 0 being rejected.
* Adds tests for MAX_CHAIN_ID and MAX_CHAIN_ID+1. Also reverts MAX_CHAIN_ID to the previous value.
* Added missing whitespace around arithmetic operator.
Co-authored-by: Michael Hatton <michaelhatton@Michaels-Mini.fios-router.home>
2021-09-10 15:09:03 +02:00
Ondřej Vejpustek
4827969cc8
fix(crypto): unify function headers in sha2.c and sha2.h
2021-09-08 14:00:02 +02:00
Ondřej Vejpustek
10bc747dc6
fix(crypto): fix argument type of ed25519_hram()
2021-09-08 14:00:02 +02:00
Christian Reitter
ba8eb408ea
crypto: new iteration of fuzz testing code, improved dictionary script, minor documentation changes
2021-08-05 17:03:04 +02:00
Christian Reitter
78f879aaf1
crypto: improve fuzz testing code, harnesses, documentation and scripts
2021-08-05 17:03:04 +02:00
Andrew Kozlik
c1843f9f9f
style(legacy): Remove nested conditional operators.
2021-07-22 10:54:49 +02:00
Pavol Rusnak
f740515c85
fix(core,crypto): add more test cases from bip-173
2021-07-21 11:20:11 +02:00
Andrew Kozlik
ce18f4bc8a
test(crypto): Add progressive tests for hash functions.
2021-06-11 20:22:42 +02:00