search

LedgerHQ / nanos-secure-sdk

Secure (ST31) SDK for Ledger Nano S
Apache License 2.0
96 stars 53 forks source link

Deriving secrets for arbitrary crypto #6

Closed immesys closed 1 year ago

immesys commented 6 years ago

I am in the early stages of writing an app for the Ledger Nano S. I would like to derive a private key for use in an arbitrary cryptosystem (basically just deterministic entropy), what do I pass to os_perso_derive_node_bip32 for the curve parameter? Also, is the result always 32 bytes?

Thanks

TamtamHero commented 6 years ago

You have a choice of multiple curves, the most common beeing CX_CURVE_256K1. You can find a complete list in cx.h The output is 2 arrays of 32 bytes length: privateKey and chain.

jake-b commented 6 years ago

I think the question is slightly different. I have a similar case.

I think what's being asked here is you're not using a common curve (a curve not available in the cx.h constants). I think @immesys is asking if there's a way to deterministically generate random bytes based on the seed phrase for use in key generations by other crypto systems not in cx.h

In my use case, I need to generate a Curve25519 key pair. I can't seem to get this to work using the built in functions. os_perso_derive_node_bip32(CX_CURVE_Curve25519... doesn't seem to work for me last I checked (which was months ago). There is no entitlement in the loader for CX_CURVE_Curve25519

I've been using os_perso_derive_node_bip32(CX_CURVE_Ed25519 and entitlement and just passing the bytes to a Curve25519 keygen function... I think this is okay, as both Ed25519 and Curve25519 key generation functions should be getting a random set of bytes. I am not a cryptographer, and don't know if the output from os_perso_derive_node_bip32(CX_CURVE_Ed25519 can be used in this way without causing some sort of odd crypto vulnerability.

cslashm commented 6 years ago

Hi, (quick answer.)

CX_CURVE_Curve25519 is not supported for know (It will be), but in openpgp app I need to generate deterministically keys for RSA/ECDSA/EDDSA.

I did it using master seed as described here: https://github.com/LedgerHQ/blue-app-openpgp-card/blob/master/doc/developper/gpgcard3.0-addon.rst#deterministic-key-derivation

Corresponding code is here:

I hope it will help.

oto-ledger commented 6 years ago

A new endpoint is coming to satisfy various derivation needs. Stay tuned for the 1.4.3.

xchapron-ledger commented 1 year ago

Closing it as this one is old.