fix bug with undetected incorrect password that can damage wallet
This commit is contained in:
parent
75247de92f
commit
04322b7cc9
8
electrum
8
electrum
|
@ -388,7 +388,7 @@ if __name__ == '__main__':
|
||||||
exit(1)
|
exit(1)
|
||||||
# check password
|
# check password
|
||||||
try:
|
try:
|
||||||
wallet.pw_decode( wallet.seed, password)
|
seed = wallet.decode_seed(password)
|
||||||
except:
|
except:
|
||||||
print_msg("Error: This password does not decode this wallet.")
|
print_msg("Error: This password does not decode this wallet.")
|
||||||
exit(1)
|
exit(1)
|
||||||
|
@ -419,7 +419,6 @@ if __name__ == '__main__':
|
||||||
print_msg(known_commands[cmd2])
|
print_msg(known_commands[cmd2])
|
||||||
|
|
||||||
elif cmd == 'seed':
|
elif cmd == 'seed':
|
||||||
seed = wallet.pw_decode( wallet.seed, password)
|
|
||||||
print_msg(seed + ' "' + ' '.join(mnemonic_encode(seed)) + '"')
|
print_msg(seed + ' "' + ' '.join(mnemonic_encode(seed)) + '"')
|
||||||
|
|
||||||
elif cmd == 'deseed':
|
elif cmd == 'deseed':
|
||||||
|
@ -622,11 +621,6 @@ if __name__ == '__main__':
|
||||||
print_msg(h)
|
print_msg(h)
|
||||||
|
|
||||||
elif cmd == 'password':
|
elif cmd == 'password':
|
||||||
try:
|
|
||||||
seed = wallet.pw_decode( wallet.seed, password)
|
|
||||||
except ValueError:
|
|
||||||
sys.exit("Error: Password does not decrypt this wallet.")
|
|
||||||
|
|
||||||
new_password = prompt_password('New password:')
|
new_password = prompt_password('New password:')
|
||||||
wallet.update_password(seed, password, new_password)
|
wallet.update_password(seed, password, new_password)
|
||||||
|
|
||||||
|
|
|
@ -65,7 +65,7 @@ def show_seed_dialog(wallet, password, parent):
|
||||||
show_message("No seed")
|
show_message("No seed")
|
||||||
return
|
return
|
||||||
try:
|
try:
|
||||||
seed = wallet.pw_decode( wallet.seed, password)
|
seed = wallet.decode_seed(password)
|
||||||
except:
|
except:
|
||||||
show_message("Incorrect password")
|
show_message("Incorrect password")
|
||||||
return
|
return
|
||||||
|
@ -477,7 +477,7 @@ def change_password_dialog(wallet, parent, icon):
|
||||||
return
|
return
|
||||||
|
|
||||||
try:
|
try:
|
||||||
seed = wallet.pw_decode( wallet.seed, password)
|
seed = wallet.decode_seed(password)
|
||||||
except:
|
except:
|
||||||
show_message("Incorrect password")
|
show_message("Incorrect password")
|
||||||
return
|
return
|
||||||
|
|
|
@ -709,7 +709,7 @@ def seed_dialog():
|
||||||
password = None
|
password = None
|
||||||
|
|
||||||
try:
|
try:
|
||||||
seed = wallet.pw_decode( wallet.seed, password)
|
seed = wallet.decode_seed(password)
|
||||||
except:
|
except:
|
||||||
modal_dialog('error','incorrect password')
|
modal_dialog('error','incorrect password')
|
||||||
return
|
return
|
||||||
|
@ -725,7 +725,7 @@ def change_password_dialog():
|
||||||
password = None
|
password = None
|
||||||
|
|
||||||
try:
|
try:
|
||||||
seed = wallet.pw_decode( wallet.seed, password)
|
seed = wallet.decode_seed(password)
|
||||||
except:
|
except:
|
||||||
modal_dialog('error','incorrect password')
|
modal_dialog('error','incorrect password')
|
||||||
return
|
return
|
||||||
|
|
|
@ -1170,10 +1170,9 @@ class ElectrumWindow(QMainWindow):
|
||||||
password = None
|
password = None
|
||||||
|
|
||||||
try:
|
try:
|
||||||
seed = wallet.pw_decode(wallet.seed, password)
|
seed = wallet.decode_seed(password)
|
||||||
except:
|
except:
|
||||||
QMessageBox.warning(parent, _('Error'),
|
QMessageBox.warning(parent, _('Error'), _('Incorrect Password'), _('OK'))
|
||||||
_('Incorrect Password'), _('OK'))
|
|
||||||
return
|
return
|
||||||
|
|
||||||
dialog = QDialog(None)
|
dialog = QDialog(None)
|
||||||
|
@ -1454,7 +1453,7 @@ class ElectrumWindow(QMainWindow):
|
||||||
new_password2 = unicode(conf_pw.text())
|
new_password2 = unicode(conf_pw.text())
|
||||||
|
|
||||||
try:
|
try:
|
||||||
seed = wallet.pw_decode( wallet.seed, password)
|
seed = wallet.decode_seed(password)
|
||||||
except:
|
except:
|
||||||
QMessageBox.warning(parent, _('Error'), _('Incorrect Password'), _('OK'))
|
QMessageBox.warning(parent, _('Error'), _('Incorrect Password'), _('OK'))
|
||||||
return
|
return
|
||||||
|
|
|
@ -115,7 +115,7 @@ class Wallet:
|
||||||
def import_key(self, sec, password):
|
def import_key(self, sec, password):
|
||||||
# try password
|
# try password
|
||||||
try:
|
try:
|
||||||
seed = self.pw_decode( self.seed, password)
|
seed = self.decode_seed(password)
|
||||||
except:
|
except:
|
||||||
raise BaseException("Invalid password")
|
raise BaseException("Invalid password")
|
||||||
|
|
||||||
|
@ -194,7 +194,6 @@ class Wallet:
|
||||||
if address in self.imported_keys.keys():
|
if address in self.imported_keys.keys():
|
||||||
sec = self.pw_decode( self.imported_keys[address], password )
|
sec = self.pw_decode( self.imported_keys[address], password )
|
||||||
if not sec: return None, None
|
if not sec: return None, None
|
||||||
|
|
||||||
pkey = regenerate_key(sec)
|
pkey = regenerate_key(sec)
|
||||||
compressed = is_compressed(sec)
|
compressed = is_compressed(sec)
|
||||||
secexp = pkey.secret
|
secexp = pkey.secret
|
||||||
|
@ -208,14 +207,19 @@ class Wallet:
|
||||||
for_change = True
|
for_change = True
|
||||||
else:
|
else:
|
||||||
raise BaseException("unknown address")
|
raise BaseException("unknown address")
|
||||||
try:
|
|
||||||
seed = self.pw_decode( self.seed, password)
|
seed = self.pw_decode( self.seed, password)
|
||||||
except:
|
|
||||||
raise BaseException("Invalid password")
|
|
||||||
if not seed: return None
|
if not seed: return None
|
||||||
secexp = self.stretch_key(seed)
|
secexp = self.stretch_key(seed)
|
||||||
secexp = ( secexp + self.get_sequence(n,for_change) ) % order
|
secexp = ( secexp + self.get_sequence(n,for_change) ) % order
|
||||||
compressed = False
|
compressed = False
|
||||||
|
pkey = EC_KEY(secexp)
|
||||||
|
|
||||||
|
public_key = GetPubKey(pkey, compressed)
|
||||||
|
addr = public_key_to_bc_address(public_key)
|
||||||
|
if addr != address:
|
||||||
|
print_error('Invalid password with correct decoding')
|
||||||
|
raise BaseException('Invalid password')
|
||||||
|
|
||||||
return secexp, compressed
|
return secexp, compressed
|
||||||
|
|
||||||
|
@ -636,16 +640,21 @@ class Wallet:
|
||||||
def pw_decode(self, s, password):
|
def pw_decode(self, s, password):
|
||||||
if password is not None:
|
if password is not None:
|
||||||
secret = Hash(password)
|
secret = Hash(password)
|
||||||
d = DecodeAES(secret, s)
|
try:
|
||||||
if s == self.seed:
|
d = DecodeAES(secret, s)
|
||||||
try:
|
except:
|
||||||
d.decode('hex')
|
raise BaseException('Invalid password')
|
||||||
except:
|
|
||||||
raise ValueError("Invalid password")
|
|
||||||
return d
|
return d
|
||||||
else:
|
else:
|
||||||
return s
|
return s
|
||||||
|
|
||||||
|
def decode_seed(self, password):
|
||||||
|
# test password on an address
|
||||||
|
addr = self.all_addresses()[0]
|
||||||
|
self.get_private_key(addr, password)
|
||||||
|
# return seed
|
||||||
|
return self.pw_decode(self.seed, password)
|
||||||
|
|
||||||
|
|
||||||
def get_history(self, address):
|
def get_history(self, address):
|
||||||
with self.lock:
|
with self.lock:
|
||||||
|
|
Loading…
Reference in New Issue