Reject invalid utf-8 characters during encryption (#1928)

## Issue Addressed Closes #1889 ## Proposed Changes - Error when passwords which use invalid UTF-8 characters during encryption. - Add some tests ## Additional Info I've decided to error when bad characters are used to create/encrypt a keystore but think we should allow them during decryption since either the keystore was created - with invalid UTF-8 characters (possibly by another client or someone whose password is random bytes) in which case we'd want them to be able to decrypt their keystore using the right key. - without invalid characters then the password checksum would almost certainly fail. Happy to add them to decryption if we want to make the decryption more trigger happy 😋 , it would only be a one line change and would tell the user which character index is causing the issue. See https://eips.ethereum.org/EIPS/eip-2335#password-requirements
2026-03-06 18:21:45 +00:00 · 2020-11-19 00:37:43 +00:00
parent 79fd9b32b9
commit 3db9072fee
6 changed files with 97 additions and 6 deletions
--- a/common/eth2_wallet_manager/src/wallet_manager.rs
+++ b/common/eth2_wallet_manager/src/wallet_manager.rs
@@ -299,7 +299,7 @@ mod tests {
        );

        for i in 1..3 {
-            w.next_validator(WALLET_PASSWORD, &[1], &[0])
+            w.next_validator(WALLET_PASSWORD, &[50; 32], &[51; 32])
                .expect("should create validator");
            assert_eq!(
                load_wallet_raw(&base_dir, &uuid).nextaccount(),
--- a/common/validator_dir/src/insecure_keys.rs
+++ b/common/validator_dir/src/insecure_keys.rs
@@ -13,7 +13,7 @@ use std::path::PathBuf;
 use types::test_utils::generate_deterministic_keypair;

 /// A very weak password with which to encrypt the keystores.
-pub const INSECURE_PASSWORD: &[u8] = &[30; 32];
+pub const INSECURE_PASSWORD: &[u8] = &[50; 51];

 impl<'a> Builder<'a> {
    /// Generate the voting keystore using a deterministic, well-known, **unsafe** keypair.
@@ -59,7 +59,7 @@ fn insecure_kdf() -> Kdf {
        n: 2,
        p: 1,
        r: 8,
-        salt: vec![1, 3, 3, 5].into(),
+        salt: vec![1; 32].into(),
    })
 }

--- a/common/validator_dir/tests/tests.rs
+++ b/common/validator_dir/tests/tests.rs
@@ -11,7 +11,7 @@ use validator_dir::{
 };

 /// A very weak password with which to encrypt the keystores.
-pub const INSECURE_PASSWORD: &[u8] = &[30; 32];
+pub const INSECURE_PASSWORD: &[u8] = &[50; 51];

 /// Helper struct for configuring tests.
 struct BuildConfig {