arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-22 15:38:11 +00:00
Code Issues Releases Wiki Activity

core/slip39: Disallow creating multiple member shares with member threshold 1. Add tests for invalid parameters to generate_mnemonics().

Browse Source
This commit is contained in:
Andrew Kozlik 2019-05-02 15:00:04 +02:00
parent 0c3dde6464
commit edab43234d
2 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
core/src/trezor/crypto/slip39.py
View File

@ -472,6 +472,14 @@ def generate_mnemonics(
) )
) )
if any(
member_threshold == 1 and member_count > 1
for member_threshold, member_count in groups
):
raise ValueError(
"Creating multiple member shares with member threshold 1 is not allowed. Use 1-of-1 member sharing instead."
)
encrypted_master_secret = _encrypt( encrypted_master_secret = _encrypt(
master_secret, passphrase, iteration_exponent, identifier master_secret, passphrase, iteration_exponent, identifier
) )

18
core/tests/test_trezor.crypto.slip39.py
View File

@ -64,6 +64,24 @@ class TestCryptoSlip39(unittest.TestCase):
slip39.combine_mnemonics(mnemonics[0][1:4]) slip39.combine_mnemonics(mnemonics[0][1:4])
def test_invalid_sharing(self):
# Short master secret.
with self.assertRaises(ValueError):
slip39.generate_mnemonics(1, [(2, 3)], self.MS[:14])
# Odd length master secret.
with self.assertRaises(ValueError):
slip39.generate_mnemonics(1, [(2, 3)], self.MS + b"X")
# Group threshold exceeds number of groups.
with self.assertRaises(ValueError):
slip39.generate_mnemonics(3, [(3, 5), (2, 5)], self.MS)
# Group with multiple members and threshold 1.
with self.assertRaises(ValueError):
slip39.generate_mnemonics(2, [(3, 5), (1, 3), (2, 5)], self.MS)
def test_vectors(self): def test_vectors(self):
for mnemonics, secret in vectors: for mnemonics, secret in vectors:
if secret: if secret: