Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 27 additions & 0 deletions src.ts/_tests/test-wallet-json.ts
Original file line number Diff line number Diff line change
Expand Up @@ -184,4 +184,31 @@ describe("Tests Extra JSON Wallet Functions", function() {
assert.ok(await encryptKeystoreJson(account, password));
});

it("tests invalid keystore KDF fields", function() {
const json = encryptKeystoreJsonSync(account, password, { scrypt: { N: 64 } });
const data = JSON.parse(json);

const badScrypt = JSON.parse(JSON.stringify(data));
badScrypt.Crypto.kdfparams.dklen = 64;
assert.throws(() => {
decryptKeystoreJsonSync(JSON.stringify(badScrypt), password);
}, (error: any) => {
return (isError(error, "INVALID_ARGUMENT") &&
error.message.startsWith("invalid kdf.dklen") &&
error.argument === "kdf.dklen");
});

const badPbkdf2 = JSON.parse(JSON.stringify(data));
badPbkdf2.Crypto.kdf = "pbkdf2";
badPbkdf2.Crypto.kdfparams.c = 1;
badPbkdf2.Crypto.kdfparams.prf = "hmac-sha1";
assert.throws(() => {
decryptKeystoreJsonSync(JSON.stringify(badPbkdf2), password);
}, (error: any) => {
return (isError(error, "INVALID_ARGUMENT") &&
error.message.startsWith("invalid kdf.prf") &&
error.argument === "kdf.prf");
});
});

});
5 changes: 2 additions & 3 deletions src.ts/wallet/json-keystore.ts
Original file line number Diff line number Diff line change
Expand Up @@ -154,7 +154,7 @@ function getDecryptKdfParams<T>(data: any): KdfParams {
assertArgument(r > 0 && p > 0, "invalid kdf", "kdf", kdf);

const dkLen = spelunk<number>(data, "crypto.kdfparams.dklen:int!");
assertArgument(dkLen === 32, "invalid kdf.dklen", "kdf.dflen", dkLen);
assertArgument(dkLen === 32, "invalid kdf.dklen", "kdf.dklen", dkLen);

return { name: "scrypt", salt, N, r, p, dkLen: 64 };

Expand All @@ -164,7 +164,7 @@ function getDecryptKdfParams<T>(data: any): KdfParams {

const prf = spelunk<string>(data, "crypto.kdfparams.prf:string!");
const algorithm = prf.split("-").pop();
assertArgument(algorithm === "sha256" || algorithm === "sha512", "invalid kdf.pdf", "kdf.pdf", prf);
assertArgument(algorithm === "sha256" || algorithm === "sha512", "invalid kdf.prf", "kdf.prf", prf);

const count = spelunk<number>(data, "crypto.kdfparams.c:int!");

Expand Down Expand Up @@ -386,4 +386,3 @@ export async function encryptKeystoreJson(account: KeystoreAccount, password: st
const key = await scrypt(passwordBytes, kdf.salt, kdf.N, kdf.r, kdf.p, 64, options.progressCallback);
return _encryptKeystore(getBytes(key), kdf, account, options);
}