From fff0e24fca53b1e57386cee713825ab7c10f191d Mon Sep 17 00:00:00 2001 From: "Michael Bradley, Jr" Date: Tue, 16 Jul 2019 18:41:27 -0500 Subject: [PATCH] convert salt to Buffer instance before encrypting Previously, if a `salt` option was supplied it would be passed to `pbkdf2Sync`/`scrypt` as a string, but during decryption it was always converted to a Buffer instance such that supplying a `salt` option resulted in output that could not be decrypted. This commit fixes the bug, and also makes encrypted output match up with the output of other wallet libraries, e.g. `ethers`, whenever the equivalent encryption options are used consistently across libraries. --- packages/web3-eth-accounts/src/models/Account.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/web3-eth-accounts/src/models/Account.js b/packages/web3-eth-accounts/src/models/Account.js index 60279d17fd5..6ba7e3fe683 100644 --- a/packages/web3-eth-accounts/src/models/Account.js +++ b/packages/web3-eth-accounts/src/models/Account.js @@ -160,13 +160,13 @@ export default class Account { if (kdf === 'pbkdf2') { kdfparams.c = options.c || 262144; kdfparams.prf = 'hmac-sha256'; - derivedKey = pbkdf2Sync(Buffer.from(password), salt, kdfparams.c, kdfparams.dklen, 'sha256'); + derivedKey = pbkdf2Sync(Buffer.from(password), Buffer.from(kdfparams.salt, 'hex'), kdfparams.c, kdfparams.dklen, 'sha256'); } else if (kdf === 'scrypt') { // FIXME: support progress reporting callback kdfparams.n = options.n || 8192; // 2048 4096 8192 16384 kdfparams.r = options.r || 8; kdfparams.p = options.p || 1; - derivedKey = scrypt(Buffer.from(password), salt, kdfparams.n, kdfparams.r, kdfparams.p, kdfparams.dklen); + derivedKey = scrypt(Buffer.from(password), Buffer.from(kdfparams.salt, 'hex'), kdfparams.n, kdfparams.r, kdfparams.p, kdfparams.dklen); } else { throw new Error('Unsupported kdf'); }