Commit Graph

73 Commits

Author SHA1 Message Date
Pieter Wuille
43cbeb7fa5 Merge #7891: Always require OS randomness when generating secret keys
628cf14 Don't use assert for catching randomness failures (Pieter Wuille)
fa2637a Always require OS randomness when generating secret keys (Pieter Wuille)
2017-12-21 18:50:14 +01:00
Alexander Block
d532f22d3b Use BIP32_EXTKEY_SIZE instead of fixed constant
This was missed in previous backports.
2017-12-20 17:25:02 +01:00
MarcoFalke
333e1eaeea
Bump copyright headers to 2015
- Bump copyright headers to 2015
- [devtools] Rewrite fix-copyright-headers.py
- [devtools] Use git pretty-format for year parsing

Github-Pull: #7205
Rebased-From: fa6ad855e9 fa24439ff3 fa71669452
2016-01-05 14:13:33 +01:00
Pieter Wuille
48edf5746a Update key.cpp to new secp256k1 API 2015-11-13 00:12:53 +01:00
Wladimir J. van der Laan
6a877e870e
Merge pull request #6034
a574899 chaincodes: abstract away more chaincode behavior [squashme] replace struct CCainCode with a typedef uint256 ChainCode (Cory Fields)
8cf1485 Abstract chaincodes into CChainCode (Pieter Wuille)
2015-05-06 18:37:49 +02:00
Cory Fields
a574899671 chaincodes: abstract away more chaincode behavior
[squashme] replace struct CCainCode with a typedef uint256 ChainCode
2015-05-06 17:22:46 +02:00
Pieter Wuille
a56054be65 Update key.cpp to use new libsecp256k1
libsecp256k1's API changed, so update key.cpp to use it.

Libsecp256k1 now has explicit context objects, which makes it completely thread-safe.
In turn, keep an explicit context object in key.cpp, which is explicitly initialized
destroyed. This is not really pretty now, but it's more efficient than the static
initialized object in key.cpp (which made for example bitcoin-tx slow, as for most of
its calls, libsecp256k1 wasn't actually needed).

This also brings in the new blinding support in libsecp256k1. By passing in a random
seed, temporary variables during the elliptic curve computations are altered, in such
a way that if an attacker does not know the blind, observing the internal operations
leaks less information about the keys used. This was implemented by Greg Maxwell.
2015-05-04 14:45:34 +02:00
Pieter Wuille
8cf1485f3b Abstract chaincodes into CChainCode
# Conflicts:
#	src/key.cpp
#	src/key.h
2015-05-02 11:17:16 +02:00
Pieter Wuille
437ada3e55 Switch test case signing to RFC6979 extra entropy
Instead of manually tweaking the deterministic nonce post-generation,
pass the test case number in as extra entropy to RFC6979.
2015-03-27 15:31:47 -07:00
Cory Fields
16a58a8644 keys: remove libsecp256k1 verification until it's actually supported
This was added a while ago for testing purposes, but was never intended to be
used. Remove it until upstream libsecp256k1 decides that verification is
stable/ready.
2015-03-02 11:31:43 -05:00
Pieter Wuille
1a9576de9d Use libsecp256k1's RFC6979 implementation 2015-01-06 00:28:44 +01:00
Wladimir J. van der Laan
734f85c4f0 Use arith_uint256 where necessary
Also add conversion from/to uint256 where needed.
2015-01-05 15:45:35 +01:00
Wladimir J. van der Laan
4f1524966a Replace direct use of 0 with SetNull and IsNull
Replace x=0 with .SetNull(),
x==0 with IsNull(), x!=0 with !IsNull().
Replace uses of uint256(0) with uint256().
2015-01-05 15:45:34 +01:00
Pieter Wuille
9a5cabf3da
Merge pull request #5508
146c0a7 Add RandAddSeedPerfmon to MakeNewKey (21E14)
2015-01-04 16:37:24 +01:00
sandakersmann
f914f1a746
Added "Core" to copyright headers
Github-Pull: #5494
Rebased-From: 15de949bb9277e442302bdd8dee299a8d6deee60
2014-12-19 19:55:32 +01:00
21E14
146c0a7c5a Add RandAddSeedPerfmon to MakeNewKey 2014-12-18 20:25:04 -05:00
Pieter Wuille
830ee48b59 Update Bitcoin for libsecp256k1 API change 2014-12-11 02:06:28 +01:00
Wladimir J. van der Laan
f0877f8b62
Merge pull request #5227
4cdaa95 Resize after succesful result (Pieter Wuille)
9d8604f Header define style cleanups (Pieter Wuille)
a53fd41 Deterministic signing (Pieter Wuille)
3060e36 Add the RFC6979 PRNG (Pieter Wuille)
a8f5087 Add HMAC-SHA256 (Pieter Wuille)
36fa4a7 Split up crypto/sha2 (Pieter Wuille)
2014-12-01 14:57:58 +01:00
Pieter Wuille
4cdaa95a20 Resize after succesful result 2014-11-28 21:16:51 +01:00
Pieter Wuille
f321d6bfff Add key generation/verification to ECC sanity check 2014-11-23 10:47:39 +01:00
Pieter Wuille
d0c41a7350 Add sanity check after key generation
Add a sanity check to prevent cosmic rays from flipping a bit in the
generated public key, or bugs in the elliptic curve code. This is
simply done by signing a (randomized) message, and verifying the
result.
2014-11-23 10:47:39 +01:00
Pieter Wuille
a53fd41485 Deterministic signing 2014-11-20 17:22:06 +01:00
Pieter Wuille
36fa4a78ac Split up crypto/sha2 2014-11-20 17:22:02 +01:00
Pieter Wuille
dffb8f81b8 Use libsecp256k1 in key.cpp 2014-11-18 18:06:46 +01:00
Pieter Wuille
f4e0aefadc Do signature-s negation inside the tests
To avoid the need for libsecp256k1 to expose such functionality.
2014-11-10 05:03:24 -08:00
Cory Fields
d2e74c55bd boost: moveonly: split CPubKey and friends to new files 2014-10-31 01:19:37 -04:00
Cory Fields
78c228c6e5 boost: moveonly: move BIP32Hash to hash.h 2014-10-31 01:13:07 -04:00
Cory Fields
900078aeb4 boost: moveonly: create eccryptoverify.h|cpp and move helper functions there
Eventually (after 0.10) these files will hold the logic for crypto
verification routines, and CKey/CPubKey will call into them.
2014-10-31 01:13:07 -04:00
Michael Ford
2b173d3bcc Update comments in keystore to be doxygen compatible 2014-10-28 12:06:59 +08:00
Michael Ford
ffd8eddab5 Update comments in key to be doxygen compatible 2014-10-28 12:02:25 +08:00
Cory Fields
50f71cd52e boost: code movement only: split CECKey into separate files 2014-10-27 15:00:58 -04:00
Cory Fields
bdaec6abd3 boost: remove CPubKey dependency from CECKey. Follow-up of e405aa48 2014-10-27 14:39:32 -04:00
Cory Fields
e405aa48c7 boost: remove CPrivKey dependency from CECKey
This allows CECKey to be used without directly depending on the secure
allocators
2014-10-15 15:13:20 -04:00
Pieter Wuille
8138cbea3c Add automatic script test generation, and actual checksig tests 2014-09-26 21:58:48 +02:00
ENikS
8d657a6517 Fixing compiler warning C4800: 'type' forcing value to bool 'true' or 'false' 2014-09-06 15:59:59 -04:00
ENikS
c0f5d4aba5 Fixing Compiler Error C2466 2014-09-01 19:51:25 -04:00
Philip Kaufmann
001a53d742 add GetRandBytes() as wrapper for RAND_bytes()
- add a small wrapper in util around RAND_bytes() and replace with
  GetRandBytes() in the code to log errors from calling RAND_bytes()
- remove OpenSSL header rand.h where no longer needed
2014-07-09 09:42:18 +02:00
Pieter Wuille
fda3fed18a libsecp256k1 integration 2014-07-01 12:28:05 -04:00
Philip Kaufmann
e10dcf27b4 ensure clean and consistent "namespace" usage
- remove some missplaced ;
- ensure end of a namespace is clearly visible
- use same formatting when using namespace
2014-06-26 10:36:57 +02:00
Pieter Wuille
13b5dfef64 Move crypto implementations to src/crypto/ 2014-06-21 19:47:42 +02:00
Pieter Wuille
977cdadea8 Add a built-in SHA256/SHA512 implementation.
This also moves the HMAC-SHA512 implementation to sha2.cpp.
2014-06-21 19:47:39 +02:00
Andrew Poelstra
4a09e1df51
key.cpp: fail with a friendlier message on missing ssl EC support
Previously if bitcoind is linked with an OpenSSL which is compiled
without EC support, this is seen as an assertion failure "pKey !=
NULL" at key.cpp:134, which occurs after several seconds. It is an
esoteric piece of knowledge to interpret this as "oops, I linked
with the wrong OpenSSL", and because of the delay it may not even
be noticed.

The new output is

: OpenSSL appears to lack support for elliptic curve cryptography. For
more information, visit
https://en.bitcoin.it/wiki/OpenSSL_and_EC_Libraries
: Initialization sanity check failed. Bitcoin Core is shutting down.

which occurs immediately after attempted startup.

This also blocks in an InitSanityCheck() function which currently only
checks for EC support but should eventually do more. See #4081.
2014-06-03 12:09:51 -07:00
Kamil Domanski
f40dbeedde remove CPubKey::VerifyCompact( ) which is never used 2014-05-20 14:58:21 +02:00
Pieter Wuille
6fd7ef2bbf Also switch the (unused) verification code to low-s instead of even-s.
a81cd968 introduced a malleability breaker for signatures
(using an even value for S). In e0e14e43 this was changed to
the lower of two potential values, rather than the even one.
Only the signing code was changed though, the (for now unused)
verification code wasn't adapted.
2014-03-10 20:38:32 +01:00
Gregory Maxwell
9b59e3bda8 Sanitize assert usage and refuse to compile with NDEBUG.
There were quite a few places where assert() was used with side effects,
 making operation with NDEBUG non-functional.  This commit fixes all the
 cases I know about, but also adds an  #error on NDEBUG because the code
 is untested without assertions and may still have vulnerabilities if
 used without assert.
2013-12-02 11:33:44 -08:00
Brandon Dahler
51ed9ec971 Cleanup code using forward declarations.
Use misc methods of avoiding unnecesary header includes.
Replace int typedefs with int##_t from stdint.h.
Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h.
Normalize QT_VERSION ifs where possible.
Resolve some indirect dependencies as direct ones.
Remove extern declarations from .cpp files.
2013-11-10 09:36:28 -06:00
Pieter Wuille
9b1200c23b
Merge pull request #3119
db0e8cc Bump Year Number to 2013 (super3)
2013-10-20 22:25:44 +02:00
super3
db0e8ccd90 Bump Year Number to 2013 2013-10-20 15:25:06 -04:00
Gavin Andresen
796e7b7aec Merge pull request #2950 from pstratem/walletload
Walletload
2013-10-16 20:12:38 -07:00
Pieter Wuille
e0e14e43d9 Use 'low S' as malleability breaker rather than 'even S' 2013-09-20 09:30:41 +02:00