From ab47b3557f564aca3a06460580bf628602142c65 Mon Sep 17 00:00:00 2001
From: zb3 <onlylogout@gmail.com>
Date: Mon, 1 Apr 2024 23:04:00 +0200
Subject: [PATCH] Fix CryptoJS argument passing in DeriveEVPKey

CryptoJS treats strings as Utf8, so for binary strings, Latin1 needs to be used.
---
 src/core/operations/DeriveEVPKey.mjs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/core/operations/DeriveEVPKey.mjs b/src/core/operations/DeriveEVPKey.mjs
index 5885f892..3d67aa51 100644
--- a/src/core/operations/DeriveEVPKey.mjs
+++ b/src/core/operations/DeriveEVPKey.mjs
@@ -62,11 +62,13 @@ class DeriveEVPKey extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        const passphrase = Utils.convertToByteString(args[0].string, args[0].option),
+        const passphrase = CryptoJS.enc.Latin1.parse(
+                Utils.convertToByteString(args[0].string, args[0].option)),
             keySize = args[1] / 32,
             iterations = args[2],
             hasher = args[3],
-            salt = Utils.convertToByteString(args[4].string, args[4].option),
+            salt = CryptoJS.enc.Latin1.parse(
+                Utils.convertToByteString(args[4].string, args[4].option)),
             key = CryptoJS.EvpKDF(passphrase, salt, { // lgtm [js/insufficient-password-hash]
                 keySize: keySize,
                 hasher: CryptoJS.algo[hasher],