karelbilek
commented
5 years ago I guess if this is fixed, then all the encrypted volumes with the old key will be impossible to decrypt; but if that happens, it's not hard to revert I guess
Closed karelbilek closed 5 years ago
karelbilek
commented
5 years ago I guess if this is fixed, then all the encrypted volumes with the old key will be impossible to decrypt; but if that happens, it's not hard to revert I guess
xaionaro
commented
5 years ago I guess if this is fixed, then all the encrypted volumes with the old key will be impossible to decrypt; but if that happens, it's not hard to revert I guess
Yep. It seems there're may be two extra bytes attached to the real key. However I don't understand how it could work if this's true. As you can see in the examples: there were no extra bytes after encrypt+decrypt. I have no time on the investigation right now. But of course the marshaling-issue should be fixed.
I am rewriting xaionaro-go to use that (as a high-level library).
Thank you a lot! I'm not sure when would I get time on this :(
xaionaro
commented
5 years ago @karel-3d:
UPD:
It seems there's no problem actually. The unmarshaling was done here: https://github.com/conejoninja/tesoro/blob/master/tesoro.go#L864
You've just scared me a lot here :)
But anyway the tesoro is not maintained anymore, so if you can eliminate the dependency it would be very kindly :)
At that time I was have to use tesoro because the official trezor code wan't made a way to be used as a library for other projects.
karelbilek
commented
5 years ago It's still not, I am still working on that. But you are right.
Trezor returns wrong key, because of this issue
https://github.com/xaionaro-go/cryptoWallet/issues/7
Note: I am currently rewriting trezord-go so it could be used as a low-lever trezor library, and I am rewriting xaionaro-go to use that (as a high-level library).
https://github.com/trezor/trezord-go/pull/147