arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-16 04:29:08 +00:00
Code Issues Releases Wiki Activity

core/slip39: Resolve code review comments.

Browse Source
This commit is contained in:
Andrew Kozlik 2019-05-03 15:12:13 +02:00
parent 025974a97d
commit 0248671438
1 changed files with 32 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
core/src/trezor/crypto/slip39.py
View File

@ -209,13 +209,19 @@ def _create_digest(random_data, shared_secret):
def _split_secret(threshold, share_count, shared_secret): def _split_secret(threshold, share_count, shared_secret):
assert 0 < threshold <= share_count <= MAX_SHARE_COUNT if threshold < 1:
raise ValueError(
"The requested threshold ({}) must be a positive integer.".format(
threshold
)
)
# If the threshold is 1, then the digest of the shared secret is not used. if threshold > share_count:
if threshold == 1: raise ValueError(
return [(i, shared_secret) for i in range(share_count)] "The requested threshold ({}) must not exceed the number of shares ({}).".format(
threshold, share_count
random_share_count = threshold - 2 )
)
if share_count > MAX_SHARE_COUNT: if share_count > MAX_SHARE_COUNT:
raise ValueError( raise ValueError(
@ -224,6 +230,12 @@ def _split_secret(threshold, share_count, shared_secret):
) )
) )
# If the threshold is 1, then the digest of the shared secret is not used.
if threshold == 1:
return [(0, shared_secret)]
random_share_count = threshold - 2
shares = [(i, random.bytes(len(shared_secret))) for i in range(random_share_count)] shares = [(i, random.bytes(len(shared_secret))) for i in range(random_share_count)]
random_part = random.bytes(len(shared_secret) - DIGEST_LENGTH_BYTES) random_part = random.bytes(len(shared_secret) - DIGEST_LENGTH_BYTES)
@ -241,16 +253,17 @@ def _split_secret(threshold, share_count, shared_secret):
def _recover_secret(threshold, shares): def _recover_secret(threshold, shares):
shared_secret = shamir.interpolate(shares, SECRET_INDEX)
# If the threshold is 1, then the digest of the shared secret is not used. # If the threshold is 1, then the digest of the shared secret is not used.
if threshold != 1: if threshold == 1:
digest_share = shamir.interpolate(shares, DIGEST_INDEX) return shares[0][1]
digest = digest_share[:DIGEST_LENGTH_BYTES]
random_part = digest_share[DIGEST_LENGTH_BYTES:]
if digest != _create_digest(random_part, shared_secret): shared_secret = shamir.interpolate(shares, SECRET_INDEX)
raise MnemonicError("Invalid digest of the shared secret.") digest_share = shamir.interpolate(shares, DIGEST_INDEX)
digest = digest_share[:DIGEST_LENGTH_BYTES]
random_part = digest_share[DIGEST_LENGTH_BYTES:]
if digest != _create_digest(random_part, shared_secret):
raise MnemonicError("Invalid digest of the shared secret.")
return shared_secret return shared_secret
@ -465,6 +478,11 @@ def generate_mnemonics(
"The length of the master secret in bytes must be an even number." "The length of the master secret in bytes must be an even number."
) )
if not all(32 <= c <= 126 for c in passphrase):
raise ValueError(
"The passphrase must contain only printable ASCII characters (code points 32-126)."
)
if group_threshold > len(groups): if group_threshold > len(groups):
raise ValueError( raise ValueError(
"The requested group threshold ({}) must not exceed the number of groups ({}).".format( "The requested group threshold ({}) must not exceed the number of groups ({}).".format(