-
Notifications
You must be signed in to change notification settings - Fork 287
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fromEthSale() not working with certain password lengths #19
Comments
It's quite possible that I'm running into this bug too. Is there any workaround I could implement? |
Can you give an example how long the password non-working passwords are? |
Every attempt to call fromEthSale() gives the following error message: Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt In my case, the password isn't known, and I've been trying to find the correct one. So I'm unsure if decryption is failing due to an incorrect password, or an incompatibility with fromEthSale(). Unfortunately I do not understand the issue as reported to determine if it might be an impact for me or not. Related, I also believe that pre-sale Ethereum wallets require a minimum of 10 characters, containing uppercase, lowercase, numerals and symbols. |
What version of It doesn't seem to have any kind of password restriction, because it uses PBKDF2 to derive a fixed size key out of a free text. |
Also see this test case for how to use it: https://github.com/ethereumjs/ethereumjs-wallet/blob/master/src/test/index.js#L237 |
I've been using v0.6.2 recently. I don't know if this is important for you, apparently presale wallet passwords had to be at least 10 bytes long, with a-Z, 0-9, and symbols. |
If you look at the tests, it passes with a presale generated with the presale tool. And the presale tool doesn't give any restrictions on passwords. Can you point me to the presale tool you have used to generate it? |
The wallet I'm using is from Ethereum, bought during the presale event. I can see the test case passes, but that test password is simple, not representative of real wallets. I don't have any other presale wallet (with a known password) to test this with. |
I've generated another one right now, with a long password, still passes: #80 |
Did you use any non-ascii character in the password? If so, which? |
The decryption error listed in this issue suggest it an invalid password issue. |
There are almost certainly no non ASCII characters in the password. Yes, I understand the error can be due to an incorrect password. It can also be caused by incompatibility in padding I read, which is in line with the original issue report. I'm keen to try the upcoming v0.6.3. I'm curious about the changes upstream, and any potential impacts. |
The official pyethsaletool uses PKCS7 padding, which this library replicates. There are no changes in the code for this in 0.6.3. It will be impossible to pinpoint any possible issue unless some test cases are provided. Can you create a non-working wallet with the tool you have used originally? |
One version of the tool used a slightly different derivation, though I do not think that was the final one. Maybe you have used it though. Added a branch here: https://github.com/ethereumjs/ethereumjs-wallet/tree/presale-derive |
This wallet I'm using was created in 2014, bought from ethereum.org during the presale event. Do you know what might have been used for those? |
Judging by the official tool's history, the wallet I have was creating using the existing derivation approach. Or at least, I couldn't see any changes to it. Otherwise I'm sorry, it seems I'm not being helpful at all with respect to the original bug report. |
I used the function: Wallet.fromEthSale(obj,password') and when I ran that using this GitHub library, it throws an error(Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt). I tried debugging the code by removing autopadding and then, it runs the code but in the end, it doesn't generate correct eth address. I can understand this as the input object may not be the multiples, i.e why might require padding to fill remaining bits of input.
But with padding, it is throwing that error. The variables used are:
obj - JSON object
password - password linked to ethereum address
The values that came out while debugging:
encseed = <Buffer 7e cd 94 5d bd 10 cf 5d ff c2 fc 3d 8d ef e3 b9 f6 d5 f0 5f 6a cb 14 ca 54 b9 79 d3 9c 2a 4a 0f 82 54 7c ....... >
Derived Key: <Buffer 79 ab b2 5d 93 b7 00 fc cb 56 83 .........>
In decipherBuffer function where the error is coming, the values passing are:
decipher: Decipheriv {
_handle: {},
_decoder: null,
_options: undefined,
writable: true,
readable: true }
data: <Buffer f6 d5 f0 5f 6a cb 14 ca 54 b9 79 d3 9c 2a 4a 0f 82 54 7c 6f 1b e4 23 eb 25 4e 1c f6 e0 57 b7 4b c7 ........ >
Decipher update: <Buffer 45 0c a6 56 cf e6 58 92 ae e7 e3 c8 93 ff 01 44 15 cb 88 f4 6e cb ac 9c f0 35 f8 95 a5 79 fd 12 45 ........ >
These are the samples of what is getting in the function.
I am using Docker on EC2 instance to run this.
The text was updated successfully, but these errors were encountered: