From 272b79effeedae24e427e56885a2db8ad5ccf85d Mon Sep 17 00:00:00 2001 From: ThomasV Date: Sun, 6 Jan 2013 01:44:12 +0100 Subject: [PATCH 1/2] warning against key import --- lib/gui_qt.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/lib/gui_qt.py b/lib/gui_qt.py index 8babe3cf4..1d8c419e4 100644 --- a/lib/gui_qt.py +++ b/lib/gui_qt.py @@ -1549,7 +1549,13 @@ class ElectrumWindow(QMainWindow): csv_transaction(self.wallet) def do_import_privkey(self): - text, ok = QInputDialog.getText(self, _('Import private key'), _('Key') + ':') + if not self.wallet.imported_keys: + r = QMessageBox.question(None, _('Warning'), _('Warning: Imported keys are not recoverable from seed.') + ' ' \ + + _('If you ever need to restore your wallet from its seed, these keys will be lost.') + '\n\n' \ + + _('Are you sure you understand what you are doing?'), 3, 4) + if r == 4: return + + text, ok = QInputDialog.getText(self, _('Import private key'), _('Private Key') + ':') if not ok: return sec = str(text) if self.wallet.use_encryption: @@ -1713,9 +1719,7 @@ class ElectrumWindow(QMainWindow): grid_io.addWidget(QLabel(_('Private key')), 3, 0) grid_io.addWidget(EnterButton(_("Import"), self.do_import_privkey), 3, 2) - grid_io.addWidget(HelpButton('Import private key' + '\n' \ - + _('Warning: Imported keys are not recoverable with your seed.') + '\n' \ - + _('If you import keys, you will need to do backups of your wallet.')), 3, 3) + grid_io.addWidget(HelpButton('Import private key'), 3, 3) grid_io.setRowStretch(4,1) vbox.addLayout(ok_cancel_buttons(d)) From 04322b7cc91b8fd213e2a1c5e1ab447edb32fa77 Mon Sep 17 00:00:00 2001 From: ThomasV Date: Sun, 6 Jan 2013 09:41:06 +0100 Subject: [PATCH 2/2] fix bug with undetected incorrect password that can damage wallet --- electrum | 8 +------- lib/gui.py | 4 ++-- lib/gui_android.py | 4 ++-- lib/gui_qt.py | 7 +++---- lib/wallet.py | 33 +++++++++++++++++++++------------ 5 files changed, 29 insertions(+), 27 deletions(-) diff --git a/electrum b/electrum index 14893454f..9ee2d1d2c 100755 --- a/electrum +++ b/electrum @@ -388,7 +388,7 @@ if __name__ == '__main__': exit(1) # check password try: - wallet.pw_decode( wallet.seed, password) + seed = wallet.decode_seed(password) except: print_msg("Error: This password does not decode this wallet.") exit(1) @@ -419,7 +419,6 @@ if __name__ == '__main__': print_msg(known_commands[cmd2]) elif cmd == 'seed': - seed = wallet.pw_decode( wallet.seed, password) print_msg(seed + ' "' + ' '.join(mnemonic_encode(seed)) + '"') elif cmd == 'deseed': @@ -622,11 +621,6 @@ if __name__ == '__main__': print_msg(h) elif cmd == 'password': - try: - seed = wallet.pw_decode( wallet.seed, password) - except ValueError: - sys.exit("Error: Password does not decrypt this wallet.") - new_password = prompt_password('New password:') wallet.update_password(seed, password, new_password) diff --git a/lib/gui.py b/lib/gui.py index ab25ec25d..766ac8190 100644 --- a/lib/gui.py +++ b/lib/gui.py @@ -65,7 +65,7 @@ def show_seed_dialog(wallet, password, parent): show_message("No seed") return try: - seed = wallet.pw_decode( wallet.seed, password) + seed = wallet.decode_seed(password) except: show_message("Incorrect password") return @@ -477,7 +477,7 @@ def change_password_dialog(wallet, parent, icon): return try: - seed = wallet.pw_decode( wallet.seed, password) + seed = wallet.decode_seed(password) except: show_message("Incorrect password") return diff --git a/lib/gui_android.py b/lib/gui_android.py index aee85d5e1..77832f576 100644 --- a/lib/gui_android.py +++ b/lib/gui_android.py @@ -709,7 +709,7 @@ def seed_dialog(): password = None try: - seed = wallet.pw_decode( wallet.seed, password) + seed = wallet.decode_seed(password) except: modal_dialog('error','incorrect password') return @@ -725,7 +725,7 @@ def change_password_dialog(): password = None try: - seed = wallet.pw_decode( wallet.seed, password) + seed = wallet.decode_seed(password) except: modal_dialog('error','incorrect password') return diff --git a/lib/gui_qt.py b/lib/gui_qt.py index 1d8c419e4..2afea6b8b 100644 --- a/lib/gui_qt.py +++ b/lib/gui_qt.py @@ -1170,10 +1170,9 @@ class ElectrumWindow(QMainWindow): password = None try: - seed = wallet.pw_decode(wallet.seed, password) + seed = wallet.decode_seed(password) except: - QMessageBox.warning(parent, _('Error'), - _('Incorrect Password'), _('OK')) + QMessageBox.warning(parent, _('Error'), _('Incorrect Password'), _('OK')) return dialog = QDialog(None) @@ -1454,7 +1453,7 @@ class ElectrumWindow(QMainWindow): new_password2 = unicode(conf_pw.text()) try: - seed = wallet.pw_decode( wallet.seed, password) + seed = wallet.decode_seed(password) except: QMessageBox.warning(parent, _('Error'), _('Incorrect Password'), _('OK')) return diff --git a/lib/wallet.py b/lib/wallet.py index 582486601..e5583dfb9 100644 --- a/lib/wallet.py +++ b/lib/wallet.py @@ -115,7 +115,7 @@ class Wallet: def import_key(self, sec, password): # try password try: - seed = self.pw_decode( self.seed, password) + seed = self.decode_seed(password) except: raise BaseException("Invalid password") @@ -194,7 +194,6 @@ class Wallet: if address in self.imported_keys.keys(): sec = self.pw_decode( self.imported_keys[address], password ) if not sec: return None, None - pkey = regenerate_key(sec) compressed = is_compressed(sec) secexp = pkey.secret @@ -208,14 +207,19 @@ class Wallet: for_change = True else: raise BaseException("unknown address") - try: - seed = self.pw_decode( self.seed, password) - except: - raise BaseException("Invalid password") + + seed = self.pw_decode( self.seed, password) if not seed: return None secexp = self.stretch_key(seed) secexp = ( secexp + self.get_sequence(n,for_change) ) % order compressed = False + pkey = EC_KEY(secexp) + + public_key = GetPubKey(pkey, compressed) + addr = public_key_to_bc_address(public_key) + if addr != address: + print_error('Invalid password with correct decoding') + raise BaseException('Invalid password') return secexp, compressed @@ -636,16 +640,21 @@ class Wallet: def pw_decode(self, s, password): if password is not None: secret = Hash(password) - d = DecodeAES(secret, s) - if s == self.seed: - try: - d.decode('hex') - except: - raise ValueError("Invalid password") + try: + d = DecodeAES(secret, s) + except: + raise BaseException('Invalid password') return d else: return s + def decode_seed(self, password): + # test password on an address + addr = self.all_addresses()[0] + self.get_private_key(addr, password) + # return seed + return self.pw_decode(self.seed, password) + def get_history(self, address): with self.lock: