@metamask-previews/keyring-controller 22.0.2-preview-ca9d0265 → 22.0.2-preview-e149187d

package/CHANGELOG.md

@@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+
+- Add method `exportEncryptionKey` ([#5984](https://github.com/MetaMask/core/pull/5984))
+
+### Changed
+
+- Make salt optional with method `submitEncryptionKey` ([#5984](https://github.com/MetaMask/core/pull/5984))
+
 ## [22.0.2]
 
 ### Fixed

package/dist/KeyringController.cjs

@@ -154,6 +154,17 @@ function assertIsExportableKeyEncryptor(encryptor) {
         throw new Error(constants_1.KeyringControllerError.UnsupportedEncryptionKeyExport);
     }
 }
+/**
+ * Assert that the encryption key is set.
+ *
+ * @param encryptionKey - The encryption key to check.
+ * @throws If the encryption key is not set.
+ */
+function assertIsEncryptionKeySet(encryptionKey) {
+    if (!encryptionKey) {
+        throw new Error(constants_1.KeyringControllerError.EncryptionKeyNotSet);
+    }
+}
 /**
  * Assert that the provided password is a valid non-empty string.
  *
@@ -858,11 +869,12 @@ class KeyringController extends base_controller_1.BaseController {
         });
     }
     /**
-     * Attempts to decrypt the current vault and load its keyrings,
-     * using the given encryption key and salt.
+     * Attempts to decrypt the current vault and load its keyrings, using the
+     * given encryption key and salt. The optional salt can be used to check for
+     * consistency with the vault salt.
      *
      * @param encryptionKey - Key to unlock the keychain.
-     * @param encryptionSalt - Salt to unlock the keychain.
+     * @param encryptionSalt - Optional salt to unlock the keychain.
      * @returns Promise resolving when the operation completes.
      */
     async submitEncryptionKey(encryptionKey, encryptionSalt) {
@@ -886,6 +898,15 @@ class KeyringController extends base_controller_1.BaseController {
             console.error('Failed to update vault during login:', error);
         }
     }
+    /**
+     * Exports the vault encryption key.
+     *
+     * @returns The vault encryption key.
+     */
+    async exportEncryptionKey() {
+        assertIsEncryptionKeySet(this.state.encryptionKey);
+        return this.state.encryptionKey;
+    }
     /**
      * Attempts to decrypt the current vault and load its keyrings,
      * using the given password.
@@ -1384,9 +1405,12 @@ async function _KeyringController_unlockKeyrings(password, encryptionKey, encryp
             }
             else {
                 const parsedEncryptedVault = JSON.parse(encryptedVault);
-                if (encryptionSalt !== parsedEncryptedVault.salt) {
+                if (encryptionSalt && encryptionSalt !== parsedEncryptedVault.salt) {
                     throw new Error(constants_1.KeyringControllerError.ExpiredCredentials);
                 }
+                else {
+                    encryptionSalt = parsedEncryptedVault.salt;
+                }
                 if (typeof encryptionKey !== 'string') {
                     throw new TypeError(constants_1.KeyringControllerError.WrongPasswordType);
                 }
@@ -1395,9 +1419,6 @@ async function _KeyringController_unlockKeyrings(password, encryptionKey, encryp
                 // This call is required on the first call because encryptionKey
                 // is not yet inside the memStore
                 updatedState.encryptionKey = encryptionKey;
-                // we can safely assume that encryptionSalt is defined here
-                // because we compare it with the salt from the vault
-                // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
                 updatedState.encryptionSalt = encryptionSalt;
             }
         }