From b77c2846ee297c4b2450e89a17a0310df1619814 Mon Sep 17 00:00:00 2001
From: Anna Shaleva <shaleva.ann@nspcc.ru>
Date: Wed, 25 Jan 2023 09:51:54 +0300
Subject: [PATCH] cli: allow to request NEP2 password from input

In case if wrong password was provided via config file we allow the
user to provide the password manually.
---
 cli/wallet/wallet.go      | 14 +++++++++++++-
 cli/wallet/wallet_test.go | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 48 insertions(+), 1 deletion(-)

diff --git a/cli/wallet/wallet.go b/cli/wallet/wallet.go
index 50e852a70..212092f47 100644
--- a/cli/wallet/wallet.go
+++ b/cli/wallet/wallet.go
@@ -1000,7 +1000,19 @@ func newAccountFromWIF(w io.Writer, wif string, scrypt keys.ScryptParams, label
 
 		acc, err := wallet.NewAccountFromEncryptedWIF(wif, phrase, scrypt)
 		if err != nil {
-			return nil, err
+			// If password from wallet config wasn't OK then retry with the user input,
+			// see the https://github.com/nspcc-dev/neo-go/issues/2883#issuecomment-1399923088.
+			if pass == nil {
+				return nil, err
+			}
+			phrase, err = input.ReadPassword(EnterPasswordPrompt)
+			if err != nil {
+				return nil, fmt.Errorf("error reading password: %w", err)
+			}
+			acc, err = wallet.NewAccountFromEncryptedWIF(wif, phrase, scrypt)
+			if err != nil {
+				return nil, err
+			}
 		}
 		acc.Label = name
 		return acc, nil
diff --git a/cli/wallet/wallet_test.go b/cli/wallet/wallet_test.go
index 36b9c5204..7425237e9 100644
--- a/cli/wallet/wallet_test.go
+++ b/cli/wallet/wallet_test.go
@@ -369,6 +369,41 @@ func TestWalletInit(t *testing.T) {
 			require.NotNil(t, actual)
 			require.NoError(t, actual.Decrypt("somepass", w.Scrypt))
 		})
+		t.Run("EncryptedWIF with wallet config", func(t *testing.T) {
+			pass := "somepass"
+			check := func(t *testing.T, configPass string, needUserPass bool) {
+				acc, err := wallet.NewAccount()
+				require.NoError(t, acc.Encrypt(pass, keys.NEP2ScryptParams()))
+				configPath := filepath.Join(t.TempDir(), "wallet-config.yaml")
+				require.NoError(t, err)
+				cfg := &config.Wallet{
+					Path:     walletPath,
+					Password: configPass,
+				}
+				bytes, err := yaml.Marshal(cfg)
+				require.NoError(t, err)
+				require.NoError(t, os.WriteFile(configPath, bytes, os.ModePerm))
+
+				if needUserPass {
+					e.In.WriteString(pass + "\r")
+				}
+				e.Run(t, "neo-go", "wallet", "import", "--wallet-config", configPath,
+					"--wif", acc.EncryptedWIF)
+
+				w, err := wallet.NewWalletFromFile(walletPath)
+				require.NoError(t, err)
+				actual := w.GetAccount(acc.PrivateKey().GetScriptHash())
+				require.NotNil(t, actual)
+				require.NoError(t, actual.Decrypt(pass, w.Scrypt))
+			}
+			t.Run("config password mismatch", func(t *testing.T) {
+				check(t, pass+"badpass", true)
+			})
+
+			t.Run("good config password", func(t *testing.T) {
+				check(t, pass, false)
+			})
+		})
 		t.Run("Multisig", func(t *testing.T) {
 			t.Run("missing wallet", func(t *testing.T) {
 				e.RunWithError(t, "neo-go", "wallet", "import-multisig")