1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-27 08:38:07 +00:00

slip39: Add RS1024 error locator function.

This commit is contained in:
Andrew Kozlik 2019-06-18 18:34:29 +02:00
parent 8a94aef1b0
commit 84d3723ee9
2 changed files with 38 additions and 0 deletions

View File

@ -135,6 +135,33 @@ def rs1024_verify_checksum(data):
return _rs1024_polymod(tuple(_CUSTOMIZATION_STRING) + data) == 1
def rs1024_error_index(data):
GEN = (
0x91F9F87,
0x122F1F07,
0x244E1E07,
0x81C1C07,
0x10281C0E,
0x20401C1C,
0x103838,
0x207070,
0x40E0E0,
0x81C1C0,
)
chk = _rs1024_polymod(tuple(_CUSTOMIZATION_STRING) + data) ^ 1
if chk == 0:
return None
for i in reversed(range(len(data))):
b = chk & 0x3FF
chk >>= 10
if chk == 0:
return i
for j in range(10):
chk ^= GEN[j] if ((b >> j) & 1) else 0
return None
def xor(a, b):
return bytes(x ^ y for x, y in zip(a, b))

View File

@ -114,6 +114,7 @@ class TestCryptoSlip39(unittest.TestCase):
self.assertEqual(len(mnemonics), 5)
self.assertEqual(len(sum(mnemonics, [])), 19)
def test_invalid_sharing(self):
# Short master secret.
with self.assertRaises(ValueError):
@ -154,5 +155,15 @@ class TestCryptoSlip39(unittest.TestCase):
slip39.combine_mnemonics(mnemonics)
def test_error_location(self):
mnemonics = ["duckling enlarge academic academic agency result length solution fridge kidney coal piece deal husband erode duke ajar critical decision keyboard", "theory painting academic academic armed sweater year military elder discuss acne wildlife boring employer fused large satoshi bundle carbon diagnose anatomy hamster leaves tracks paces beyond phantom capital marvel lips brave detect luck"]
for mnemonic in mnemonics:
data = tuple(slip39.mnemonic_to_indices(mnemonic))
self.assertEqual(slip39.rs1024_error_index(data), None)
for i in range(len(data)):
error_data = data[:i] + (data[i]^1,) + data[i+1:]
self.assertEqual(slip39.rs1024_error_index(error_data), i)
if __name__ == '__main__':
unittest.main()