mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-22 22:38:08 +00:00
feat(core): Do not store identifier for SLIP-39 extendable shares.
This commit is contained in:
parent
040c1f5f8c
commit
d4953e4af3
@ -53,8 +53,8 @@ def get_seed(passphrase: str = "", progress_bar: bool = True) -> bytes:
|
||||
identifier = storage_device.get_slip39_identifier()
|
||||
extendable = backup_types.is_extendable_backup_type(get_type())
|
||||
iteration_exponent = storage_device.get_slip39_iteration_exponent()
|
||||
if identifier is None or iteration_exponent is None:
|
||||
# Identifier or exponent expected but not found
|
||||
if iteration_exponent is None:
|
||||
# Exponent expected but not found
|
||||
raise RuntimeError
|
||||
seed = slip39.decrypt(
|
||||
mnemonic_secret,
|
||||
|
@ -56,7 +56,8 @@ async def load_device(msg: LoadDevice) -> Success:
|
||||
# this must succeed if the recover_ems call succeeded
|
||||
share = slip39.decode_mnemonic(mnemonics[0])
|
||||
backup_type = backup_types.infer_backup_type(is_slip39, share)
|
||||
storage_device.set_slip39_identifier(identifier)
|
||||
if not extendable:
|
||||
storage_device.set_slip39_identifier(identifier)
|
||||
storage_device.set_slip39_iteration_exponent(iteration_exponent)
|
||||
|
||||
storage_device.store_mnemonic_secret(
|
||||
|
@ -152,12 +152,17 @@ async def _finish_recovery(secret: bytes, backup_type: BackupType) -> Success:
|
||||
secret, backup_type, needs_backup=False, no_backup=False
|
||||
)
|
||||
if backup_types.is_slip39_backup_type(backup_type):
|
||||
identifier = storage_recovery.get_slip39_identifier()
|
||||
if not backup_types.is_extendable_backup_type(backup_type):
|
||||
identifier = storage_recovery.get_slip39_identifier()
|
||||
if identifier is None:
|
||||
# The identifier needs to be stored in storage at this point
|
||||
raise RuntimeError
|
||||
storage_device.set_slip39_identifier(identifier)
|
||||
|
||||
exponent = storage_recovery.get_slip39_iteration_exponent()
|
||||
if identifier is None or exponent is None:
|
||||
# Identifier and exponent need to be stored in storage at this point
|
||||
if exponent is None:
|
||||
# The iteration exponent needs to be stored in storage at this point
|
||||
raise RuntimeError
|
||||
storage_device.set_slip39_identifier(identifier)
|
||||
storage_device.set_slip39_iteration_exponent(exponent)
|
||||
|
||||
storage_recovery.end_progress()
|
||||
|
@ -84,7 +84,6 @@ async def reset_device(msg: ResetDevice) -> Success:
|
||||
secret = bip39.from_data(secret).encode()
|
||||
elif backup_types.is_slip39_backup_type(backup_type):
|
||||
# generate and set SLIP39 parameters
|
||||
storage_device.set_slip39_identifier(slip39.generate_random_identifier())
|
||||
storage_device.set_slip39_iteration_exponent(slip39.DEFAULT_ITERATION_EXPONENT)
|
||||
else:
|
||||
# Unknown backup type.
|
||||
@ -214,7 +213,11 @@ def _get_slip39_mnemonics(
|
||||
groups: Sequence[tuple[int, int]],
|
||||
extendable: bool,
|
||||
):
|
||||
identifier = storage_device.get_slip39_identifier()
|
||||
if extendable:
|
||||
identifier = slip39.generate_random_identifier()
|
||||
else:
|
||||
identifier = storage_device.get_slip39_identifier()
|
||||
|
||||
iteration_exponent = storage_device.get_slip39_iteration_exponent()
|
||||
if identifier is None or iteration_exponent is None:
|
||||
raise ValueError
|
||||
|
@ -156,7 +156,7 @@ def decrypt(
|
||||
encrypted_master_secret: bytes,
|
||||
passphrase: bytes,
|
||||
iteration_exponent: int,
|
||||
identifier: int,
|
||||
identifier: int | None,
|
||||
extendable: bool,
|
||||
progress_callback: Callable[[int, int], None] | None = None,
|
||||
) -> bytes:
|
||||
@ -440,10 +440,12 @@ def _round_function(i: int, passphrase: bytes, e: int, salt: bytes, r: bytes) ->
|
||||
).key()[: len(r)]
|
||||
|
||||
|
||||
def _get_salt(identifier: int, extendable: bool) -> bytes:
|
||||
def _get_salt(identifier: int | None, extendable: bool) -> bytes:
|
||||
if extendable:
|
||||
return bytes()
|
||||
else:
|
||||
if identifier is None:
|
||||
raise RuntimeError
|
||||
return _CUSTOMIZATION_STRING_ORIG + identifier.to_bytes(
|
||||
_bits_to_bytes(_ID_LENGTH_BITS), "big"
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user