adding passphrase generation check

Dario 2020-02-27 12:06:57 +01:00
parent 7468b5df29
commit 95f5460112
11 changed files with 143 additions and 51 deletions


@ -79,26 +79,34 @@ bool KeyPair::generateFromPassphrase(const char* passphrase, const Mnemonic* wor
size_t word_index_size = sizeof(word_indices);
//crypto_auth_hmacsha512_init(&state, (unsigned char*)word_indices, sizeof(word_indices));
sha512_init(&state);
sha512_update(&state, (unsigned char*)word_indices, sizeof(word_indices));
sha512_update(&state, *word_indices, word_indices->size());
sha512_update(&state, (unsigned char*)clearPassphrase.data(), clearPassphrase.size());
//crypto_auth_hmacsha512_update(&state, (unsigned char*)passphrase, pass_phrase_size);
sha512_final(&state, hash);
//crypto_auth_hmacsha512_final(&state, hash);
mm->releaseMemory(word_indices);
// debug passphrase
// printf("\passsphrase: <%s>\n", passphrase);
//printf("word_indices: \n%s\n", getHex((unsigned char*)word_indices, sizeof(word_indices)).data());
/*printf("word_indices: \n");
printf("\passsphrase: <%s>\n", passphrase);
printf("size word indices: %u\n", word_indices->size());
std::string word_indicesHex = getHex(*word_indices, word_indices->size());
printf("word_indices: \n%s\n", word_indicesHex.data());
printf("word_indices: \n");
Poco::UInt64* word_indices_p = (Poco::UInt64*)(word_indices->data());
for (int i = 0; i < PHRASE_WORD_COUNT; i++) {
if (i > 0) printf(" ");
printf("%4hu", word_indices[i]);
printf("%4hu", word_indices_p[i]);
}
printf("\n");
//*/
//printf("\nclear passphrase: \n%s\n", clearPassphrase.data());
// printf("passphrase bin: \n%s\n\n", getHex((unsigned char*)passphrase, pass_phrase_size).data());
printf("\nclear passphrase: \n%s\n", clearPassphrase.data());
std::string hex_clearPassphrase = getHex((const unsigned char*)clearPassphrase.data(), clearPassphrase.size());
printf("passphrase bin: \n%s\n\n", hex_clearPassphrase.data());
mm->releaseMemory(word_indices);
//ed25519_create_keypair(public_key, private_key, hash);
private_key_t prv_key_t;
@ -149,10 +157,10 @@ MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemo
auto er = ErrorManager::getInstance();
auto mm = MemoryManager::getInstance();
auto word_indices = mm->getFreeMemory(sizeof(Poco::UInt32) * PHRASE_WORD_COUNT);
auto word_indices = mm->getFreeMemory(sizeof(Poco::UInt64) * PHRASE_WORD_COUNT);
Poco::UInt64* word_indices_p = (Poco::UInt64*)(word_indices->data());
//unsigned long word_indices_old[PHRASE_WORD_COUNT] = { 0 };
//memset(word_indices_old, 0, PHRASE_WORD_COUNT);// *sizeof(unsigned long));
//Poco::UInt64 word_indices_old[PHRASE_WORD_COUNT] = { 0 };
//memset(word_indices_old, 0, PHRASE_WORD_COUNT * sizeof(Poco::UInt64));// *sizeof(unsigned long));
memset(*word_indices, 0, word_indices->size());
//DHASH key = DRMakeStringHash(passphrase);
@ -163,12 +171,15 @@ MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemo
// get word indices for hmac key
unsigned char word_cursor = 0;
for (auto it = passphrase.begin(); it != passphrase.end(); it++) {
if (*it == ' ' || *it == '\0') {
if (buffer_cursor < 3) continue;
for (auto it = passphrase.begin(); it != passphrase.end(); it++)
{
if (*it == ' ') {
if (buffer_cursor < 3) {
continue;
}
if (word_source->isWordExist(acBuffer)) {
word_indices_p[word_cursor] = word_source->getWordIndex(acBuffer);
// word_indices_old[word_cursor] = word_source->getWordIndex(acBuffer);
//word_indices_old[word_cursor] = word_source->getWordIndex(acBuffer);
}
else {
er->addError(new ParamError("KeyPair::generateFromPassphrase", "word didn't exist", acBuffer));
@ -185,6 +196,12 @@ MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemo
acBuffer[buffer_cursor++] = *it;
}
}
if (word_source->isWordExist(acBuffer)) {
word_indices_p[word_cursor] = word_source->getWordIndex(acBuffer);
//word_indices_old[word_cursor] = word_source->getWordIndex(acBuffer);
word_cursor++;
}
//printf("word cursor: %d\n", word_cursor);
/*if (memcmp(word_indices_p, word_indices_old, word_indices->size()) != 0) {
printf("not identical\n");
@ -195,10 +212,10 @@ MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemo
std::string KeyPair::createClearPassphraseFromWordIndices(MemoryBin* word_indices, const Mnemonic* word_source)
{
Poco::UInt32* word_indices_p = (Poco::UInt32*)word_indices->data();
Poco::UInt64* word_indices_p = (Poco::UInt64*)word_indices->data();
std::string clearPassphrase;
for (int i = 0; i < PHRASE_WORD_COUNT; i++) {
if (i * sizeof(Poco::UInt32) >= word_indices->size()) break;
if (i * sizeof(Poco::UInt64) >= word_indices->size()) break;
auto word = word_source->getWord(word_indices_p[i]);
if (word) {
clearPassphrase += word;
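Review bot: The debug output in `generateFromPassphrase` appears to be live on the new side of the first hunk: `printf("\passsphrase: <%s>\n", passphrase);`, the word-index dump, and `printf("\nclear passphrase: \n%s\n", clearPassphrase.data());` with its hex form all write the mnemonic the key pair is derived from to stdout, so it ends up in whatever captures the server's output. The page has lost its +/- markers, so this is read from the uncommented copies of those lines; if they are indeed active, delete them or compile them only under a debug-only build flag. Separately, in `createWordIndices` the block added after the loop writes `word_indices_p[word_cursor]` with no visible check that `word_cursor < PHRASE_WORD_COUNT`; the loop body lies partly outside the hunks, so confirm a bound exists for passphrases with extra words. Both functions start and end outside the hunks shown.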


@ -43,7 +43,7 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::
auto em = ErrorManager::getInstance();
auto lang = chooseLanguage(request);
printf("choose language return: %d\n", lang);
//printf("choose language return: %d\n", lang);
auto langCatalog = lm->getFreeCatalog(lang);
std::string presetEmail("");


@ -33,7 +33,7 @@ Languages PageRequestMessagedHandler::chooseLanguage(Poco::Net::HTTPServerReques
$lang = in_array($lang, $acceptLang) ? $lang : 'en';
*/
std::string accept_languages = request.get("HTTP_ACCEPT_LANGUAGE", "");
printf("[PageRequestMessagedHandler::chooseLanguage] accept header: %s\n", accept_languages.data());
//printf("[PageRequestMessagedHandler::chooseLanguage] accept header: %s\n", accept_languages.data());
}
}


@ -51,6 +51,14 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P
inputPassphrase = form.get("inputPassphrase", "");
auto localPassphrase = KeyPair::filterPassphrase(inputPassphrase);
auto btnGenerate = form.get("btnGenerate", "");
if("" != btnGenerate) {
mSession->generatePassphrase();
localPassphrase = mSession->getPassphrase();
inputPassphrase = localPassphrase;
}
if(localPassphrase != "" && !User::validatePassphrase(localPassphrase, &wordSource)) {
addError(new Error(
gettext("Fehler"),
@ -65,10 +73,7 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P
passphrase = KeyPair::passphraseTransform(localPassphrase, wordSource, targetSource);
}
auto btnGenerate = form.get("btnGenerate", "");
if("" != btnGenerate) {
passphrase = mSession->generatePassphrase();
}
}
#line 3 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp"
@ -195,7 +200,7 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P
responseStream << "\n";
responseStream << "<div class=\"row mb-3\" style=\"margin-top:70px;\">\n";
responseStream << "\t<h2 class=\"mx-auto\">";
#line 54 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 59 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("Passphrase umwandeln") );
responseStream << "</h2>\n";
responseStream << "</div>\n";
@ -206,57 +211,57 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P
responseStream << "\t <div class=\"col-md-12 col-lg-12 \">\n";
responseStream << "\t\t<div class=\"alert alert-orange\">\n";
responseStream << "\t\t <h5 class=\"alert-heading\">";
#line 62 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 67 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("Was zu tun ist:") );
responseStream << "</h5>\n";
responseStream << "\t\t <p>";
#line 63 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 68 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("Kopiere/schreibe deine Passphrase in die Textbox und du bekommst sie in die jeweils andere Sprache umgewandelt.") );
responseStream << "</p>\n";
responseStream << "\t\t <p>";
#line 64 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 69 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("Du kannst mit beiden Varianten dein Konto wiederherstellen oder dein Passwort ändern.") );
responseStream << "</p>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t </div>\n";
responseStream << "\t <div class=\"col-lg-12 col-md-12 mb-5\">\n";
responseStream << "\t\t<form action=\"";
#line 68 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 73 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( uri_start );
responseStream << "/transform_passphrase\">\n";
responseStream << "\t\t <div class=\"form-group row-showcase_row_area\">\n";
responseStream << "\t\t\t<textarea name=\"inputPassphrase\" cols=\"10\" rows=\"5\" id=\"inputPassphrase\" class=\"form-control\" placeholder=\"";
#line 70 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( gettext("deine Passphrase") );
responseStream << "\">";
#line 70 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( inputPassphrase );
responseStream << "</textarea>\n";
responseStream << "\t\t </div>\n";
responseStream << "\t\t <input name=\"btnTransform\" type=\"submit\" value=\"Umwandeln\" class=\"btn btn btn-orange\">\n";
responseStream << "\t\t ";
#line 73 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
if(controller::USER_ROLE_ADMIN == role) { responseStream << "\n";
#line 78 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
if(model::table::ROLE_ADMIN == role) { responseStream << "\n";
responseStream << "\t\t\t<input name=\"btnGenerate\" type=\"submit\" value=\"Neue generieren\" class=\"btn btn-secondary\">\n";
responseStream << "\t\t ";
#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 80 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
} responseStream << "\n";
responseStream << "\t\t</form>\n";
responseStream << "\t </div>\n";
responseStream << "\t ";
#line 78 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 83 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
if(passphrase != "") { responseStream << "\n";
responseStream << "\t\t<div class=\"col-lg-12 col-md-12\">\n";
responseStream << "\t\t\t<div class=\"alert alert-success\">\n";
responseStream << "\t\t\t\t<h5 class=\"alert-heading\">Umgewandelte Passphrase: </h5>\n";
responseStream << "\t\t\t\t<p>";
#line 82 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 87 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
responseStream << ( passphrase );
responseStream << "</p>\n";
responseStream << "\t\t\t</div>\n";
responseStream << "\t\t</div>\n";
responseStream << "\t ";
#line 85 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
#line 90 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp"
} responseStream << "\n";
responseStream << "\t </div>\n";
responseStream << "\t</div>\n";


@ -0,0 +1,50 @@
#include "ImportantTests.h"
#include <string>
#include "ServerConfig.h"
#include "Crypto/KeyPair.h"
namespace ImportantTests {
bool passphraseGenerationAndTransformation()
{
auto de_words = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER];
auto en_words = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER];
std::string passphrase_1_de = "beziffern Anbeginn häkeln Sozialabgaben Rasen fließen Frau weltweit Urlaub Urwissen Lohn plötzlich Gefrierpunkt Derartig Biedermeier getragen denken Realisierung Boden maximal voneinander Fördern Braten Entlastung";
std::string passphrase_1_en = "boil banner regret since goat awful crane imitate myth clump rally offer train airport purpose machine helmet ahead alley gesture load scrub river glory";
std::string passphrase_1_pubkey_hex = "cfce9cfad355ceb8c099a97f55a2bd7aa8d2bd0b86970f7d1e135be9e1da5eb7";
std::string passphrase_2_de = "dazu Zyklus Danach Auge losfliegen besprechen stoßen ohne heutige Begründung Dogma Erkenntnis genießen Medaille Äste Google woher Sprache Pädagoge Schweigen rasant Sekunde nahm Nordstern";
std::string passphrase_2_en = "place oblige gain jar neither note cry riot empty inform egg skate suffer garlic lake ladder liquid focus gorilla subject strong much oyster reduce";
std::string passphrase_2_pubkey_hex = "3d547825bb53465579b95560981f444105495f2b6a68134fbec28ce518ac7b38";
KeyPair keys;
bool errorsOccured = false;
keys.generateFromPassphrase(passphrase_1_de.data(), de_words);
if (keys.getPubkeyHex() != passphrase_1_pubkey_hex) {
printf("1 de incorrect\n");
errorsOccured = true;
}
keys.generateFromPassphrase(passphrase_1_en.data(), en_words);
if (keys.getPubkeyHex() != passphrase_1_pubkey_hex) {
printf("1 en incorrect\n");
errorsOccured = true;
}
keys.generateFromPassphrase(passphrase_2_de.data(), de_words);
if (keys.getPubkeyHex() != passphrase_2_pubkey_hex) {
printf("2 de incorrect\n");
errorsOccured = true;
}
keys.generateFromPassphrase(passphrase_2_en.data(), en_words);
if (keys.getPubkeyHex() != passphrase_2_pubkey_hex) {
printf("2 en incorrect\n");
errorsOccured = true;
}
if (!errorsOccured) return true;
return false;
}
}
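Review bot: Each check ignores the `bool` returned by `generateFromPassphrase` and reuses the same `KeyPair keys`, so a failed derivation for `passphrase_1_en` or `passphrase_2_en` may leave the key from the preceding German call in place and still compare equal to the expected hex. Whether a failed call leaves the previous key intact is not visible here, but the test should not depend on it: check the return value, e.g. `if (!keys.generateFromPassphrase(passphrase_1_en.data(), en_words) || keys.getPubkeyHex() != passphrase_1_pubkey_hex) {`, or use a fresh `KeyPair` per case. A comment stating that these four phrases are fixed test vectors that must never back a real account would also help, since they are now public together with their public keys.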

8
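--- a/src/cpp/ImportantTests.h
+++ b/src/cpp/ImportantTests.h
@@ -0,0 +1,8 @@
+#ifndef __GRADIDO_LOGIN_SERVER_IMPORTANT_TESTS_H
+#define __GRADIDO_LOGIN_SERVER_IMPORTANT_TESTS_H
+namespace ImportantTests {
+bool passphraseGenerationAndTransformation();
+};
+#endif //__GRADIDO_LOGIN_SERVER_IMPORTANT_TESTS_H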
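Review bot: The include guard `__GRADIDO_LOGIN_SERVER_IMPORTANT_TESTS_H` contains a double underscore, and such identifiers are reserved for the implementation in C++; `GRADIDO_LOGIN_SERVER_IMPORTANT_TESTS_H` avoids that. The `};` closing the namespace carries a stray semicolon. The declaration would also benefit from a one-line comment saying it returns true only when every known passphrase yields its expected public key.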


@ -8,12 +8,12 @@
namespace controller {
enum UserLoadedRole {
/*enum UserLoadedRole {
USER_ROLE_NOT_LOADED,
USER_ROLE_CURRENTLY_LOADING,
USER_ROLE_NONE,
USER_ROLE_ADMIN
};
};*/
class User : public TableControllerBase
{


@ -7,6 +7,7 @@
#include "model/Session.h"
#include "lib/Profiler.h"
#include "ServerConfig.h"
#include "ImportantTests.h"
#include "model/table/User.h"
#include "model/table/EmailOptIn.h"
@ -19,13 +20,19 @@ int main(int argc, char** argv)
GOOGLE_PROTOBUF_VERIFY_VERSION;
if (sodium_init() < 0) {
/* panic! the library couldn't be initialized, it is not safe to use */
printf("error initing sodium, early exit\n");
printf("error initializing sodium, early exit\n");
return -1;
}
ServerConfig::g_versionString = "0.20.KW08.02";
ServerConfig::g_versionString = "0.20.KW08.04";
printf("User size: %d Bytes, Session size: %d Bytes\n", sizeof(User), sizeof(Session));
printf("model sizes: User: %d Bytes, EmailOptIn: %d Bytes\n", sizeof(model::table::User), sizeof(model::table::EmailOptIn));
if (!ImportantTests::passphraseGenerationAndTransformation()) {
printf("test passphrase generation and transformation failed\n");
return -2;
}
Gradido_LoginServer app;
return app.run(argc, argv);
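Review bot: The self-test is called before `Gradido_LoginServer app` is constructed and run, yet it reads `ServerConfig::g_Mnemonic_WordLists`; where those lists are loaded is not visible in this hunk, so confirm they are populated at this point, otherwise the check fails or reads unloaded lists on every start. The failure message would also be better on stderr, `fprintf(stderr, "test passphrase generation and transformation failed\n");`, so it is not lost in the regular stdout output. `main` starts and ends outside the hunk.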


@ -698,7 +698,7 @@ bool Session::deleteUser()
void Session::setLanguage(Languages lang)
{
printf("[Session::setLanguage] new language: %d\n", lang);
//printf("[Session::setLanguage] new language: %d\n", lang);
lock("Session::setLanguage");
if (mLanguageCatalog.isNull() || mLanguageCatalog->getLanguage() != lang) {
auto lm = LanguageManager::getInstance();
@ -926,13 +926,13 @@ bool Session::useOrGeneratePassphrase(const std::string& passphase)
bool Session::generatePassphrase()
{
auto lang = getLanguage();
/*if (lang == LANG_EN) {
if (lang == LANG_EN) {
mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER]);
}
else {
mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]);
}*/
mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]);
}
//mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]);
updateState(SESSION_STATE_PASSPHRASE_GENERATED);
return true;
}
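Review bot: `generatePassphrase()` returns `true` unconditionally, so a caller cannot tell when `User::generateNewPassphrase` produced nothing; the result is not checked before `updateState(SESSION_STATE_PASSPHRASE_GENERATED)`. Assuming `mPassphrase` is a string, a guard such as `if (mPassphrase == "") return false;` ahead of the state update would keep the session state honest. `setLanguage` in the same file takes `lock("Session::setLanguage")` before touching members, whereas no lock is visible around the write to `mPassphrase` here; confirm that is intended.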


@ -22,7 +22,7 @@
auto em = ErrorManager::getInstance();
auto lang = chooseLanguage(request);
printf("choose language return: %d\n", lang);
//printf("choose language return: %d\n", lang);
auto langCatalog = lm->getFreeCatalog(lang);
std::string presetEmail("");


@ -30,6 +30,14 @@
inputPassphrase = form.get("inputPassphrase", "");
auto localPassphrase = KeyPair::filterPassphrase(inputPassphrase);
auto btnGenerate = form.get("btnGenerate", "");
if("" != btnGenerate) {
mSession->generatePassphrase();
localPassphrase = mSession->getPassphrase();
inputPassphrase = localPassphrase;
}
if(localPassphrase != "" && !User::validatePassphrase(localPassphrase, &wordSource)) {
addError(new Error(
gettext("Fehler"),
@ -44,10 +52,7 @@
passphrase = KeyPair::passphraseTransform(localPassphrase, wordSource, targetSource);
}
auto btnGenerate = form.get("btnGenerate", "");
if("" != btnGenerate) {
passphrase = mSession->generatePassphrase();
}
}
%><%@ include file="login_header.cpsp" %><%@ include file="flags.cpsp" %>
<div class="row mb-3" style="margin-top:70px;">
@ -70,7 +75,7 @@
<textarea name="inputPassphrase" cols="10" rows="5" id="inputPassphrase" class="form-control" placeholder="<%= gettext("deine Passphrase") %>"><%= inputPassphrase %></textarea>
</div>
<input name="btnTransform" type="submit" value="Umwandeln" class="btn btn btn-orange">
<% if(controller::USER_ROLE_ADMIN == role) { %>
<% if(model::table::ROLE_ADMIN == role) { %>
<input name="btnGenerate" type="submit" value="Neue generieren" class="btn btn-secondary">
<% } %>
</form>