At the moment passphrases must be exactly 32 characters due to the cipher length requirement in aes-256-ctr which for short passwords is resolved by padding with zeroes:
|
/** |
|
* Right-pad a passphrase input to ensure compatibility with the encryption cipher. |
|
*/ |
|
const resizePassphrase = (passphrase: string): string => passphrase.padEnd(32, '0') |
However, there is no elegant handling of too-long passwords, where an error is encountered instead while creating/restoring a wallet:
[critical] Error: Invalid key length {}
Possible solutions:
- Indicate this limit more clearly in CLI and validate passphrase length during input, i.e. loop back, advise, and ask again, rather than stop the process
- Find a way to use a larger encryption cipher - but without breaking existing wallets!
- Implement custom passphrase elongation via something like recursive encryption using consecutive 32-character sections as ciphers e.g. if the passphrase is 40 characters, then the first 32 characters make up the first cipher, and the last 8 characters are padded with zeroes to make up the second cipher
At the moment passphrases must be exactly 32 characters due to the cipher length requirement in
aes-256-ctrwhich for short passwords is resolved by padding with zeroes:cli/src/wallet/wallet.ts
Lines 41 to 44 in 27e0620
However, there is no elegant handling of too-long passwords, where an error is encountered instead while creating/restoring a wallet:
Possible solutions: