arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-26 09:28:13 +00:00
Code Issues Releases Wiki Activity

slip39: Add RS1024 error locator function.

Browse Source
This commit is contained in:
Andrew Kozlik 2019-06-18 18:34:29 +02:00
parent 8a94aef1b0
commit 84d3723ee9
2 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
core/src/trezor/crypto/slip39.py
View File

@ -135,6 +135,33 @@ def rs1024_verify_checksum(data):
return _rs1024_polymod(tuple(_CUSTOMIZATION_STRING) + data) == 1 return _rs1024_polymod(tuple(_CUSTOMIZATION_STRING) + data) == 1
def rs1024_error_index(data):
GEN = (
0x91F9F87,
0x122F1F07,
0x244E1E07,
0x81C1C07,
0x10281C0E,
0x20401C1C,
0x103838,
0x207070,
0x40E0E0,
0x81C1C0,
)
chk = _rs1024_polymod(tuple(_CUSTOMIZATION_STRING) + data) ^ 1
if chk == 0:
return None
for i in reversed(range(len(data))):
b = chk & 0x3FF
chk >>= 10
if chk == 0:
return i
for j in range(10):
chk ^= GEN[j] if ((b >> j) & 1) else 0
return None
def xor(a, b): def xor(a, b):
return bytes(x ^ y for x, y in zip(a, b)) return bytes(x ^ y for x, y in zip(a, b))

11
core/tests/test_trezor.crypto.slip39.py
View File

@ -114,6 +114,7 @@ class TestCryptoSlip39(unittest.TestCase):
self.assertEqual(len(mnemonics), 5) self.assertEqual(len(mnemonics), 5)
self.assertEqual(len(sum(mnemonics, [])), 19) self.assertEqual(len(sum(mnemonics, [])), 19)
def test_invalid_sharing(self): def test_invalid_sharing(self):
# Short master secret. # Short master secret.
with self.assertRaises(ValueError): with self.assertRaises(ValueError):
@ -154,5 +155,15 @@ class TestCryptoSlip39(unittest.TestCase):
slip39.combine_mnemonics(mnemonics) slip39.combine_mnemonics(mnemonics)
def test_error_location(self):
mnemonics = ["duckling enlarge academic academic agency result length solution fridge kidney coal piece deal husband erode duke ajar critical decision keyboard", "theory painting academic academic armed sweater year military elder discuss acne wildlife boring employer fused large satoshi bundle carbon diagnose anatomy hamster leaves tracks paces beyond phantom capital marvel lips brave detect luck"]
for mnemonic in mnemonics:
data = tuple(slip39.mnemonic_to_indices(mnemonic))
self.assertEqual(slip39.rs1024_error_index(data), None)
for i in range(len(data)):
error_data = data[:i] + (data[i]^1,) + data[i+1:]
self.assertEqual(slip39.rs1024_error_index(error_data), i)
if __name__ == '__main__': if __name__ == '__main__':
unittest.main() unittest.main()