if (messageData.password != null && !(messageData.password instanceof ArrayBuffer)) {
throw new TypeError('Password must be ArrayBuffer')
}
- const password = messageData.password
+ let password = messageData.password?.slice()
+ if (messageData.password instanceof ArrayBuffer) {
+ new Uint8Array(messageData.password).fill(0)
+ delete messageData.password
+ }
// IV for crypto key, included if unlocking or generated if creating
if (action === 'unlock' && !(messageData.iv instanceof ArrayBuffer)) {
const key = password instanceof ArrayBuffer
? await this.#createAesKey(action === 'unlock' ? 'decrypt' : 'encrypt', password, keySalt)
: undefined
+ if (password instanceof ArrayBuffer && !password.detached) {
+ new Uint8Array(password).fill(0)
+ password = undefined
+ }
// Type of wallet
if (messageData.type !== undefined && messageData.type !== 'BIP-44' && messageData.type !== 'BLAKE2b') {
}
// Seed to import
- if (action === 'import' && 'seed' in message && !(messageData.seed instanceof ArrayBuffer)) {
+ if (action === 'import' && 'seed' in messageData && !(messageData.seed instanceof ArrayBuffer)) {
throw new TypeError('Seed required to import wallet')
}
const seed = messageData.seed instanceof ArrayBuffer
- ? messageData.seed
+ ? messageData.seed.slice()
: undefined
+ if (messageData.seed instanceof ArrayBuffer) {
+ new Uint8Array(messageData.seed).fill(0)
+ delete messageData.seed
+ }
// Mnemonic phrase to import
if (action === 'import' && 'mnemonicPhrase' in message && typeof messageData.mnemonicPhrase !== 'string') {
const mnemonicPhrase = typeof messageData.mnemonicPhrase === 'string'
? messageData.mnemonicPhrase
: undefined
+ delete messageData.mnemonicPhrase
// Mnemonic salt for mnemonic phrase to import
if (action === 'import' && messageData.mnemonicSalt != undefined && typeof messageData.mnemonicSalt !== 'string') {
const mnemonicSalt = typeof messageData.mnemonicSalt === 'string'
? messageData.mnemonicSalt
: undefined
+ delete messageData.mnemonicSalt
// Encrypted seed and possibly mnemonic
if (action === 'unlock') {
}
}
const encrypted = messageData.encrypted instanceof ArrayBuffer
- ? messageData.encrypted
+ ? messageData.encrypted.slice()
: undefined
+ if (messageData.encrypted instanceof ArrayBuffer) {
+ new Uint8Array(messageData.encrypted).fill(0)
+ delete messageData.encrypted
+ }
// Index for child account to derive or sign
if ((action === 'derive' || action === 'sign') && typeof messageData.index !== 'number') {
const data = messageData.data instanceof ArrayBuffer
? messageData.data
: undefined
+ delete messageData.data
return { action, type, key, iv, keySalt, seed, mnemonicPhrase, mnemonicSalt, encrypted, index, data }
}
projects / libnemo.git / commitdiff