From a76d90990ce5608b6da89019b1a3c68da2c352ae Mon Sep 17 00:00:00 2001 From: iPLAY888 <133153661+letmehateu@users.noreply.github.com> Date: Sun, 15 Feb 2026 21:45:07 +0300 Subject: [PATCH] Update passphrase.go --- accounts/keystore/passphrase.go | 54 ++++++++++++++++++++++++--------- 1 file changed, 39 insertions(+), 15 deletions(-) diff --git a/accounts/keystore/passphrase.go b/accounts/keystore/passphrase.go index fc7ea938e2..36c3d0aabc 100644 --- a/accounts/keystore/passphrase.go +++ b/accounts/keystore/passphrase.go @@ -332,20 +332,42 @@ func decryptKeyV1(keyProtected *encryptedKeyJSONV1, auth string) (keyBytes []byt func getKDFKey(cryptoJSON CryptoJSON, auth string) ([]byte, error) { authArray := []byte(auth) - salt, err := hex.DecodeString(cryptoJSON.KDFParams["salt"].(string)) + saltStr, ok := cryptoJSON.KDFParams["salt"].(string) + if !ok { + return nil, fmt.Errorf("invalid KDF params: salt is not a string") + } + salt, err := hex.DecodeString(saltStr) + if err != nil { + return nil, err + } + dkLen, err := ensureInt(cryptoJSON.KDFParams["dklen"]) if err != nil { return nil, err } - dkLen := ensureInt(cryptoJSON.KDFParams["dklen"]) if cryptoJSON.KDF == keyHeaderKDF { - n := ensureInt(cryptoJSON.KDFParams["n"]) - r := ensureInt(cryptoJSON.KDFParams["r"]) - p := ensureInt(cryptoJSON.KDFParams["p"]) + n, err := ensureInt(cryptoJSON.KDFParams["n"]) + if err != nil { + return nil, err + } + r, err := ensureInt(cryptoJSON.KDFParams["r"]) + if err != nil { + return nil, err + } + p, err := ensureInt(cryptoJSON.KDFParams["p"]) + if err != nil { + return nil, err + } return scrypt.Key(authArray, salt, n, r, p, dkLen) } else if cryptoJSON.KDF == "pbkdf2" { - c := ensureInt(cryptoJSON.KDFParams["c"]) - prf := cryptoJSON.KDFParams["prf"].(string) + c, err := ensureInt(cryptoJSON.KDFParams["c"]) + if err != nil { + return nil, err + } + prf, ok := cryptoJSON.KDFParams["prf"].(string) + if !ok { + return nil, fmt.Errorf("invalid KDF params: prf is not a string") + } if prf != "hmac-sha256" { return nil, fmt.Errorf("unsupported PBKDF2 PRF: %s", prf) } @@ -356,13 +378,15 @@ func getKDFKey(cryptoJSON CryptoJSON, auth string) ([]byte, error) { return nil, fmt.Errorf("unsupported KDF: %s", cryptoJSON.KDF) } -// TODO: can we do without this when unmarshalling dynamic JSON? -// why do integers in KDF params end up as float64 and not int after -// unmarshal? -func ensureInt(x interface{}) int { - res, ok := x.(int) - if !ok { - res = int(x.(float64)) +// ensureInt extracts an integer from a JSON-decoded interface{} value. +// JSON numbers are unmarshalled as float64 when decoded into interface{}. +func ensureInt(x interface{}) (int, error) { + switch v := x.(type) { + case int: + return v, nil + case float64: + return int(v), nil + default: + return 0, fmt.Errorf("invalid KDF parameter: expected number, got %T", x) } - return res }