BTCPrivate
/
-WIP-electrum-btcp
mirror of https://github.com/BTCPrivate/-WIP-electrum-btcp.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix bug with undetected incorrect password that can damage wallet

This commit is contained in:
ThomasV 2013-01-06 09:41:06 +01:00
parent 75247de92f
commit 04322b7cc9
5 changed files with 29 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
electrum
View File

@ -388,7 +388,7 @@ if __name__ == '__main__':
exit(1) exit(1)
# check password # check password
try: try:
wallet.pw_decode( wallet.seed, password) seed = wallet.decode_seed(password)
except: except:
print_msg("Error: This password does not decode this wallet.") print_msg("Error: This password does not decode this wallet.")
exit(1) exit(1)
@ -419,7 +419,6 @@ if __name__ == '__main__':
print_msg(known_commands[cmd2]) print_msg(known_commands[cmd2])
elif cmd == 'seed': elif cmd == 'seed':
seed = wallet.pw_decode( wallet.seed, password)
print_msg(seed + ' "' + ' '.join(mnemonic_encode(seed)) + '"') print_msg(seed + ' "' + ' '.join(mnemonic_encode(seed)) + '"')
elif cmd == 'deseed': elif cmd == 'deseed':
@ -622,11 +621,6 @@ if __name__ == '__main__':
print_msg(h) print_msg(h)
elif cmd == 'password': elif cmd == 'password':
try:
seed = wallet.pw_decode( wallet.seed, password)
except ValueError:
sys.exit("Error: Password does not decrypt this wallet.")
new_password = prompt_password('New password:') new_password = prompt_password('New password:')
wallet.update_password(seed, password, new_password) wallet.update_password(seed, password, new_password)

4
lib/gui.py
View File

@ -65,7 +65,7 @@ def show_seed_dialog(wallet, password, parent):
show_message("No seed") show_message("No seed")
return return
try: try:
seed = wallet.pw_decode( wallet.seed, password) seed = wallet.decode_seed(password)
except: except:
show_message("Incorrect password") show_message("Incorrect password")
return return
@ -477,7 +477,7 @@ def change_password_dialog(wallet, parent, icon):
return return
try: try:
seed = wallet.pw_decode( wallet.seed, password) seed = wallet.decode_seed(password)
except: except:
show_message("Incorrect password") show_message("Incorrect password")
return return

4
lib/gui_android.py
View File

@ -709,7 +709,7 @@ def seed_dialog():
password = None password = None
try: try:
seed = wallet.pw_decode( wallet.seed, password) seed = wallet.decode_seed(password)
except: except:
modal_dialog('error','incorrect password') modal_dialog('error','incorrect password')
return return
@ -725,7 +725,7 @@ def change_password_dialog():
password = None password = None
try: try:
seed = wallet.pw_decode( wallet.seed, password) seed = wallet.decode_seed(password)
except: except:
modal_dialog('error','incorrect password') modal_dialog('error','incorrect password')
return return

7
lib/gui_qt.py
View File

@ -1170,10 +1170,9 @@ class ElectrumWindow(QMainWindow):
password = None password = None
try: try:
seed = wallet.pw_decode(wallet.seed, password) seed = wallet.decode_seed(password)
except: except:
QMessageBox.warning(parent, _('Error'), QMessageBox.warning(parent, _('Error'), _('Incorrect Password'), _('OK'))
_('Incorrect Password'), _('OK'))
return return
dialog = QDialog(None) dialog = QDialog(None)
@ -1454,7 +1453,7 @@ class ElectrumWindow(QMainWindow):
new_password2 = unicode(conf_pw.text()) new_password2 = unicode(conf_pw.text())
try: try:
seed = wallet.pw_decode( wallet.seed, password) seed = wallet.decode_seed(password)
except: except:
QMessageBox.warning(parent, _('Error'), _('Incorrect Password'), _('OK')) QMessageBox.warning(parent, _('Error'), _('Incorrect Password'), _('OK'))
return return

27
lib/wallet.py
View File

@ -115,7 +115,7 @@ class Wallet:
def import_key(self, sec, password): def import_key(self, sec, password):
# try password # try password
try: try:
seed = self.pw_decode( self.seed, password) seed = self.decode_seed(password)
except: except:
raise BaseException("Invalid password") raise BaseException("Invalid password")
@ -194,7 +194,6 @@ class Wallet:
if address in self.imported_keys.keys(): if address in self.imported_keys.keys():
sec = self.pw_decode( self.imported_keys[address], password ) sec = self.pw_decode( self.imported_keys[address], password )
if not sec: return None, None if not sec: return None, None
pkey = regenerate_key(sec) pkey = regenerate_key(sec)
compressed = is_compressed(sec) compressed = is_compressed(sec)
secexp = pkey.secret secexp = pkey.secret
@ -208,14 +207,19 @@ class Wallet:
for_change = True for_change = True
else: else:
raise BaseException("unknown address") raise BaseException("unknown address")
try:
seed = self.pw_decode( self.seed, password) seed = self.pw_decode( self.seed, password)
except:
raise BaseException("Invalid password")
if not seed: return None if not seed: return None
secexp = self.stretch_key(seed) secexp = self.stretch_key(seed)
secexp = ( secexp + self.get_sequence(n,for_change) ) % order secexp = ( secexp + self.get_sequence(n,for_change) ) % order
compressed = False compressed = False
pkey = EC_KEY(secexp)
public_key = GetPubKey(pkey, compressed)
addr = public_key_to_bc_address(public_key)
if addr != address:
print_error('Invalid password with correct decoding')
raise BaseException('Invalid password')
return secexp, compressed return secexp, compressed
@ -636,16 +640,21 @@ class Wallet:
def pw_decode(self, s, password): def pw_decode(self, s, password):
if password is not None: if password is not None:
secret = Hash(password) secret = Hash(password)
d = DecodeAES(secret, s)
if s == self.seed:
try: try:
d.decode('hex') d = DecodeAES(secret, s)
except: except:
raise ValueError("Invalid password") raise BaseException('Invalid password')
return d return d
else: else:
return s return s
def decode_seed(self, password):
# test password on an address
addr = self.all_addresses()[0]
self.get_private_key(addr, password)
# return seed
return self.pw_decode(self.seed, password)
def get_history(self, address): def get_history(self, address):
with self.lock: with self.lock: