arno
/
trezor-firmware
mirror of https://github.com/trezor/trezor-firmware.git
1
0
Fork 0
Code Issues Releases Wiki Activity

slip39: Fix mnemonic padding check in MicroPython.

Browse Source
pull/85/head
Andrew Kozlik 5 years ago
parent e9a02ebc76
commit db03e2e000
2 changed files with 7 additions and 11 deletions
Show Stats Download Patch File Download Diff File

17
src/trezor/crypto/slip39.py
Unescape View File

@ -178,7 +178,7 @@ class ShamirMnemonic(object):
"""Converts a list of base 1024 indices in big endian order to an integer value.""" """Converts a list of base 1024 indices in big endian order to an integer value."""
value = 0 value = 0
for index in indices: for index in indices:
value = value * cls.RADIX + index value = (value << cls.RADIX_BITS) + index
return value return value
@classmethod @classmethod
@ -352,7 +352,8 @@ class ShamirMnemonic(object):
) )
) )
if (10 * (len(mnemonic_data) - self.METADATA_LENGTH_WORDS)) % 16 > 8: padding_len = (10 * (len(mnemonic_data) - self.METADATA_LENGTH_WORDS)) % 16
if padding_len > 8:
raise MnemonicError("Invalid mnemonic length.") raise MnemonicError("Invalid mnemonic length.")
if not self.rs1024_verify_checksum(mnemonic_data): if not self.rs1024_verify_checksum(mnemonic_data):
@ -379,15 +380,11 @@ class ShamirMnemonic(object):
self.ID_EXP_LENGTH_WORDS + 2 : -self.CHECKSUM_LENGTH_WORDS self.ID_EXP_LENGTH_WORDS + 2 : -self.CHECKSUM_LENGTH_WORDS
] ]
# The length of the master secret in bytes is required to be even, so find the largest even value_byte_count = (10 * len(value_data) - padding_len) // 8
# integer, which is less than or equal to value_word_count * 10 / 8.
value_byte_count = 2 * math.floor(len(value_data) * 5 / 8)
value_int = self._int_from_indices(value_data) value_int = self._int_from_indices(value_data)
if value_data[0] >= 1 << (10 - padding_len):
try: raise MnemonicError("Invalid mnemonic padding.")
value = value_int.to_bytes(value_byte_count, "big") value = value_int.to_bytes(value_byte_count, "big")
except OverflowError:
raise MnemonicError("Invalid mnemonic padding.") from None
return ( return (
identifier, identifier,

1
tests/test_trezor.crypto.slip39.py
Unescape View File

@ -10,7 +10,6 @@ class TestCryptoSlip39(unittest.TestCase):
def test_shamir(self): def test_shamir(self):
shamir_mnemonic = slip39.ShamirMnemonic() shamir_mnemonic = slip39.ShamirMnemonic()
for mnemonics, secret in vectors: for mnemonics, secret in vectors:
print(mnemonics, secret)
if secret: if secret:
self.assertEqual(shamir_mnemonic.combine_mnemonics(mnemonics, b"TREZOR"), unhexlify(secret)) self.assertEqual(shamir_mnemonic.combine_mnemonics(mnemonics, b"TREZOR"), unhexlify(secret))
else: else:

Write Preview
Loading…
Cancel
Save