diff --git a/src/cpp/controller/User.cpp b/src/cpp/controller/User.cpp index 209237877..045be46a0 100644 --- a/src/cpp/controller/User.cpp +++ b/src/cpp/controller/User.cpp @@ -153,9 +153,10 @@ namespace controller { // printf("[User::login] password key hashed is the same as saved password hash\n"); MemoryBin* clear_private_key = nullptr; + mPassword = authenticated_encryption; + // additional check if saved private key found, decrypt and derive public key and compare with saved public key - if (!model->hasPrivateKeyEncrypted()) { - mPassword = authenticated_encryption; + if (!model->hasPrivateKeyEncrypted()) { return 1; } else @@ -163,7 +164,6 @@ namespace controller { if (AuthenticatedEncryption::AUTH_DECRYPT_OK == authenticated_encryption->decrypt(model->getPrivateKeyEncrypted(), &clear_private_key)) { if (mGradidoKeyPair) { if (mGradidoKeyPair->isTheSame(clear_private_key) == 0) { - mPassword = authenticated_encryption; mCanDecryptPrivateKey = true; return 1; } @@ -180,7 +180,6 @@ namespace controller { return -1; } //printf("correct pwd\n"); - mPassword = authenticated_encryption; mCanDecryptPrivateKey = true; return 1; } @@ -208,6 +207,7 @@ namespace controller { model->setPublicKey(mGradidoKeyPair->getPublicKey()); if (mPassword && mPassword->hasKey()) { model->setPrivateKey(mGradidoKeyPair->getCryptedPrivKey(mPassword)); + mCanDecryptPrivateKey = true; return 1; } return 0; diff --git a/src/cpp/model/Session.cpp b/src/cpp/model/Session.cpp index 4de342bdb..d462a0bb6 100644 --- a/src/cpp/model/Session.cpp +++ b/src/cpp/model/Session.cpp @@ -749,12 +749,14 @@ UserStates Session::loadUser(const std::string& email, const std::string& passwo auto user_model = mNewUser->getModel(); auto user_backups = controller::UserBackups::load(user_model->getID()); for (auto it = user_backups.begin(); it != user_backups.end(); it++) { - auto key = (*it)->createGradidoKeyPair(); - if (key->isTheSame(user_model->getPublicKey())) { - auto crypted_private_key = key->getCryptedPrivKey(mNewUser->getPassword()); - if (crypted_private_key) { - user_model->setPrivateKey(crypted_private_key); - MemoryManager::getInstance()->releaseMemory(crypted_private_key); + auto key = std::unique_ptr((*it)->createGradidoKeyPair()); + if (key->isTheSame(user_model->getPublicKey())) + { + + // set valid key pair + if (1 == mNewUser->setGradidoKeyPair(key.release())) { + // save new encrypted private key + user_model->updatePrivkey(); } else { auto em = ErrorManager::getInstance(); @@ -764,7 +766,6 @@ UserStates Session::loadUser(const std::string& email, const std::string& passwo } break; } - delete key; } } // can be removed if session user isn't used any more diff --git a/src/cpp/tasks/SigningTransaction.cpp b/src/cpp/tasks/SigningTransaction.cpp index a2b9721a8..a81e57fc5 100644 --- a/src/cpp/tasks/SigningTransaction.cpp +++ b/src/cpp/tasks/SigningTransaction.cpp @@ -70,7 +70,8 @@ int SigningTransaction::run() { //auto privKey = mUser->getPrivKey(); //if (!mUser->hasPrivKey()) { - if(!mNewUser->canDecryptPrivateKey()) { + auto gradido_key_pair = mNewUser->getGradidoKeyPair(); + if(!gradido_key_pair || !gradido_key_pair->hasPrivateKey()) { addError(new Error("SigningTransaction", "user cannot decrypt private key")); sendErrorsAsEmail(); return -2; @@ -86,7 +87,7 @@ int SigningTransaction::run() { } // sign //auto sign = mUser->sign((const unsigned char*)bodyBytes->data(), bodyBytes->size()); - auto sign = mNewUser->getGradidoKeyPair()->sign(*bodyBytes); + auto sign = gradido_key_pair->sign(*bodyBytes); if (!sign) { ErrorManager::getInstance()->sendErrorsAsEmail(); sendErrorsAsEmail();