core/slip39: Disallow creating multiple member shares with member threshold 1. Add tests for invalid parameters to generate_mnemonics().

5 years ago · edab43234d
parent 0c3dde6464
commit edab43234d
2 changed files with 26 additions and 0 deletions
--- a/core/src/trezor/crypto/slip39.py
+++ b/core/src/trezor/crypto/slip39.py
@ -472,6 +472,14 @@ def generate_mnemonics(
            )
        )

+    if any(
+        member_threshold == 1 and member_count > 1
+        for member_threshold, member_count in groups
+    ):
+        raise ValueError(
+            "Creating multiple member shares with member threshold 1 is not allowed. Use 1-of-1 member sharing instead."
+        )
+
    encrypted_master_secret = _encrypt(
        master_secret, passphrase, iteration_exponent, identifier
    )
--- a/core/tests/test_trezor.crypto.slip39.py
+++ b/core/tests/test_trezor.crypto.slip39.py
@ -64,6 +64,24 @@ class TestCryptoSlip39(unittest.TestCase):
            slip39.combine_mnemonics(mnemonics[0][1:4])


+    def test_invalid_sharing(self):
+        # Short master secret.
+        with self.assertRaises(ValueError):
+            slip39.generate_mnemonics(1, [(2, 3)], self.MS[:14])
+
+        # Odd length master secret.
+        with self.assertRaises(ValueError):
+            slip39.generate_mnemonics(1, [(2, 3)], self.MS + b"X")
+
+        # Group threshold exceeds number of groups.
+        with self.assertRaises(ValueError):
+            slip39.generate_mnemonics(3, [(3, 5), (2, 5)], self.MS)
+
+        # Group with multiple members and threshold 1.
+        with self.assertRaises(ValueError):
+            slip39.generate_mnemonics(2, [(3, 5), (1, 3), (2, 5)], self.MS)
+
+
    def test_vectors(self):
        for mnemonics, secret in vectors:
            if secret: