status-im
/
status-go
mirror of https://github.com/status-im/status-go.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix entropy strength validation in BIP39

This commit is contained in:
Andrea Franz 2018-03-13 11:43:30 +01:00
parent aabbcbe522
commit ae64d1d7d5
No known key found for this signature in database
GPG Key ID: 4F0D2F2D9DE7F29D
2 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
extkeys/mnemonic.go
View File

@ -53,6 +53,11 @@ var Languages = [...]string{
"Russian",
}
// ErrInvalidEntropyStrength is the error returned by MnemonicPhrase
// when the entropy strength is not valid.
// Valid entropy strength values are multiple of 32 between 128 and 256.
var ErrInvalidEntropyStrength = errors.New("The mnemonic must encode entropy in a multiple of 32 bits, The recommended size of ENT is 128-256 bits")
var (
last11BitsMask = big.NewInt(2047)
rightShift11BitsDivider = big.NewInt(2048)
@ -118,7 +123,7 @@ func (m *Mnemonic) MnemonicSeed(mnemonic string, password string) []byte {
}
// MnemonicPhrase returns a human readable seed for BIP32 Hierarchical Deterministic Wallets
func (m *Mnemonic) MnemonicPhrase(strength, language Language) (string, error) {
func (m *Mnemonic) MnemonicPhrase(strength int, language Language) (string, error) {
wordList, err := m.WordList(language)
if err != nil {
return "", err
@ -128,8 +133,8 @@ func (m *Mnemonic) MnemonicPhrase(strength, language Language) (string, error) {
// With more entropy security is improved but the sentence length increases.
// We refer to the initial entropy length as ENT. The recommended size of ENT is 128-256 bits.
if strength%32 > 0 && strength < 128 && strength > 256 {
return "", errors.New("The mnemonic must encode entropy in a multiple of 32 bits, The recommended size of ENT is 128-256 bits")
if strength%32 > 0 || strength < 128 || strength > 256 {
return "", ErrInvalidEntropyStrength
}
// First, an initial entropy of ENT bits is generated

9
extkeys/mnemonic_test.go
View File

@ -23,6 +23,15 @@ func TestMnemonicPhrase(t *testing.T) {
mnemonic := extkeys.NewMnemonic(extkeys.Salt)
// test strength validation
strengths := []int{127, 129, 257}
for _, s := range strengths {
_, err := mnemonic.MnemonicPhrase(s, extkeys.EnglishLanguage)
if err != extkeys.ErrInvalidEntropyStrength {
t.Errorf("Entropy strength `%d` should be invalid", s)
}
}
// test mnemonic generation
t.Log("Test mnemonic generation:")
for _, language := range mnemonic.AvailableLanguages() {