Reject invalid utf-8 characters during encryption (#1928)

## Issue Addressed Closes #1889 ## Proposed Changes - Error when passwords which use invalid UTF-8 characters during encryption. - Add some tests ## Additional Info I've decided to error when bad characters are used to create/encrypt a keystore but think we should allow them during decryption since either the keystore was created - with invalid UTF-8 characters (possibly by another client or someone whose password is random bytes) in which case we'd want them to be able to decrypt their keystore using the right key. - without invalid characters then the password checksum would almost certainly fail. Happy to add them to decryption if we want to make the decryption more trigger happy 😋 , it would only be a one line change and would tell the user which character index is causing the issue. See https://eips.ethereum.org/EIPS/eip-2335#password-requirements
2026-03-22 14:24:44 +00:00 · 2020-11-19 00:37:43 +00:00
parent 79fd9b32b9
commit 3db9072fee
6 changed files with 97 additions and 6 deletions
--- a/crypto/eth2_keystore/tests/tests.rs
+++ b/crypto/eth2_keystore/tests/tests.rs
@@ -160,3 +160,60 @@ fn custom_pbkdf2_kdf() {

    assert_eq!(keystore.kdf(), &my_kdf);
 }
+
+#[test]
+fn utf8_control_characters() {
+    let keypair = Keypair::random();
+
+    let invalid_character = 0u8;
+    let invalid_password = [invalid_character];
+    let keystore = KeystoreBuilder::new(&keypair, &invalid_password, "".into())
+        .unwrap()
+        .build();
+    assert_eq!(
+        keystore,
+        Err(Error::InvalidPasswordCharacter {
+            character: invalid_character,
+            index: 0
+        })
+    );
+
+    let invalid_character = 0x1Fu8;
+    let invalid_password = [50, invalid_character, 50];
+    let keystore = KeystoreBuilder::new(&keypair, &invalid_password, "".into())
+        .unwrap()
+        .build();
+    assert_eq!(
+        keystore,
+        Err(Error::InvalidPasswordCharacter {
+            character: invalid_character,
+            index: 1
+        })
+    );
+
+    let invalid_character = 0x80u8;
+    let invalid_password = [50, 50, invalid_character];
+    let keystore = KeystoreBuilder::new(&keypair, &invalid_password, "".into())
+        .unwrap()
+        .build();
+    assert_eq!(
+        keystore,
+        Err(Error::InvalidPasswordCharacter {
+            character: invalid_character,
+            index: 2
+        })
+    );
+
+    let invalid_character = 0x7Fu8;
+    let invalid_password = [50, 50, 50, 50, 50, 50, invalid_character];
+    let keystore = KeystoreBuilder::new(&keypair, &invalid_password, "".into())
+        .unwrap()
+        .build();
+    assert_eq!(
+        keystore,
+        Err(Error::InvalidPasswordCharacter {
+            character: invalid_character,
+            index: 6
+        })
+    );
+}