diff --git a/src/cpp/Crypto/KeyPair.cpp b/src/cpp/Crypto/KeyPair.cpp
index c921d84f9..02af0d704 100644
--- a/src/cpp/Crypto/KeyPair.cpp
+++ b/src/cpp/Crypto/KeyPair.cpp
@@ -79,26 +79,34 @@ bool KeyPair::generateFromPassphrase(const char* passphrase, const Mnemonic* wor size_t word_index_size = sizeof(word_indices); //crypto_auth_hmacsha512_init(&state, (unsigned char*)word_indices, sizeof(word_indices)); sha512_init(&state); - sha512_update(&state, (unsigned char*)word_indices, sizeof(word_indices)); + sha512_update(&state, *word_indices, word_indices->size()); sha512_update(&state, (unsigned char*)clearPassphrase.data(), clearPassphrase.size()); //crypto_auth_hmacsha512_update(&state, (unsigned char*)passphrase, pass_phrase_size); sha512_final(&state, hash); //crypto_auth_hmacsha512_final(&state, hash); - mm->releaseMemory(word_indices); + // debug passphrase -// printf("\passsphrase: <%s>\n", passphrase); - //printf("word_indices: \n%s\n", getHex((unsigned char*)word_indices, sizeof(word_indices)).data()); - /*printf("word_indices: \n"); + printf("\passsphrase: <%s>\n", passphrase); + printf("size word indices: %u\n", word_indices->size()); + std::string word_indicesHex = getHex(*word_indices, word_indices->size()); + printf("word_indices: \n%s\n", word_indicesHex.data()); + printf("word_indices: \n"); + Poco::UInt64* word_indices_p = (Poco::UInt64*)(word_indices->data()); for (int i = 0; i < PHRASE_WORD_COUNT; i++) { if (i > 0) printf(" "); - printf("%4hu", word_indices[i]); + printf("%4hu", word_indices_p[i]); } printf("\n"); //*/ - //printf("\nclear passphrase: \n%s\n", clearPassphrase.data()); -// printf("passphrase bin: \n%s\n\n", getHex((unsigned char*)passphrase, pass_phrase_size).data()); + printf("\nclear passphrase: \n%s\n", clearPassphrase.data()); + std::string hex_clearPassphrase = getHex((const unsigned char*)clearPassphrase.data(), clearPassphrase.size()); + printf("passphrase bin: \n%s\n\n", hex_clearPassphrase.data()); + + + mm->releaseMemory(word_indices); + //ed25519_create_keypair(public_key, private_key, hash); private_key_t prv_key_t; 
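Review bot: The debug block after `sha512_final` is now live and prints the raw passphrase, the clear passphrase, its hex dump and the word indices to stdout on every call of `generateFromPassphrase`; anyone who can read the process output or collected logs gets the material the key pair is derived from. These `printf` calls should be removed again, or compiled in only for a local debug build that never sees real user input. If the dump is kept, the format strings need fixing: `%4hu` is given a `Poco::UInt64` and should be `printf("%4llu", (unsigned long long)word_indices_p[i]);`, `%u` is given `word_indices->size()`, whose type is not visible here, and `"\passsphrase"` contains the invalid escape `\p`. The function body starts and ends outside the hunk.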
@@ -149,10 +157,10 @@ MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemo auto er = ErrorManager::getInstance(); auto mm = MemoryManager::getInstance(); - auto word_indices = mm->getFreeMemory(sizeof(Poco::UInt32) * PHRASE_WORD_COUNT); + auto word_indices = mm->getFreeMemory(sizeof(Poco::UInt64) * PHRASE_WORD_COUNT); Poco::UInt64* word_indices_p = (Poco::UInt64*)(word_indices->data()); - //unsigned long word_indices_old[PHRASE_WORD_COUNT] = { 0 }; - //memset(word_indices_old, 0, PHRASE_WORD_COUNT);// *sizeof(unsigned long)); + //Poco::UInt64 word_indices_old[PHRASE_WORD_COUNT] = { 0 }; + //memset(word_indices_old, 0, PHRASE_WORD_COUNT * sizeof(Poco::UInt64));// *sizeof(unsigned long)); memset(*word_indices, 0, word_indices->size()); //DHASH key = DRMakeStringHash(passphrase); @@ -163,12 +171,15 @@ MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemo // get word indices for hmac key unsigned char word_cursor = 0; - for (auto it = passphrase.begin(); it != passphrase.end(); it++) { - if (*it == ' ' || *it == '\0') { - if (buffer_cursor < 3) continue; + for (auto it = passphrase.begin(); it != passphrase.end(); it++) + { + if (*it == ' ') { + if (buffer_cursor < 3) { + continue; + } if (word_source->isWordExist(acBuffer)) { word_indices_p[word_cursor] = word_source->getWordIndex(acBuffer); - // word_indices_old[word_cursor] = word_source->getWordIndex(acBuffer); + //word_indices_old[word_cursor] = word_source->getWordIndex(acBuffer); } else { er->addError(new ParamError("KeyPair::generateFromPassphrase", "word didn't exist", acBuffer)); 
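Review bot: The store `word_indices_p[word_cursor] = word_source->getWordIndex(acBuffer);` in the loop has no visible check that `word_cursor` is below `PHRASE_WORD_COUNT`, while the buffer allocated in the previous hunk holds exactly `PHRASE_WORD_COUNT` entries, so a passphrase with more words would write past the allocation. The block added after the loop in the next hunk (`@@ -185,6 +196,12 @@`) performs the same store unguarded. The lines between the two hunks are not part of the diff, so a guard may exist there; if it does not, reject the input through the existing `ParamError` path once `word_cursor >= PHRASE_WORD_COUNT` before either store. `acBuffer[buffer_cursor++] = *it;` deserves the same check against the size of `acBuffer`, which is declared outside the hunk.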
@@ -185,6 +196,12 @@ MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemo acBuffer[buffer_cursor++] = *it; } } + if (word_source->isWordExist(acBuffer)) { + word_indices_p[word_cursor] = word_source->getWordIndex(acBuffer); + //word_indices_old[word_cursor] = word_source->getWordIndex(acBuffer); + word_cursor++; + } + //printf("word cursor: %d\n", word_cursor); /*if (memcmp(word_indices_p, word_indices_old, word_indices->size()) != 0) { printf("not identical\n"); @@ -195,10 +212,10 @@ MemoryBin* KeyPair::createWordIndices(const std::string& passphrase, const Mnemo std::string KeyPair::createClearPassphraseFromWordIndices(MemoryBin* word_indices, const Mnemonic* word_source) { - Poco::UInt32* word_indices_p = (Poco::UInt32*)word_indices->data(); + Poco::UInt64* word_indices_p = (Poco::UInt64*)word_indices->data(); std::string clearPassphrase; for (int i = 0; i < PHRASE_WORD_COUNT; i++) { - if (i * sizeof(Poco::UInt32) >= word_indices->size()) break; + if (i * sizeof(Poco::UInt64) >= word_indices->size()) break; auto word = word_source->getWord(word_indices_p[i]); if (word) { clearPassphrase += word; diff --git a/src/cpp/HTTPInterface/LoginPage.cpp b/src/cpp/HTTPInterface/LoginPage.cpp index e6faba2dd..4b8f144b8 100644 --- a/src/cpp/HTTPInterface/LoginPage.cpp +++ b/src/cpp/HTTPInterface/LoginPage.cpp @@ -43,7 +43,7 @@ void LoginPage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net:: auto em = ErrorManager::getInstance(); auto lang = chooseLanguage(request); - printf("choose language return: %d\n", lang); + //printf("choose language return: %d\n", lang); auto langCatalog = lm->getFreeCatalog(lang); std::string presetEmail(""); diff --git a/src/cpp/HTTPInterface/PageRequestMessagedHandler.cpp b/src/cpp/HTTPInterface/PageRequestMessagedHandler.cpp index 09bb2d41c..63b933703 100644 --- a/src/cpp/HTTPInterface/PageRequestMessagedHandler.cpp +++ b/src/cpp/HTTPInterface/PageRequestMessagedHandler.cpp 
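Review bot: The block added after the loop drops an unknown last word silently: when `isWordExist(acBuffer)` is false nothing is reported, the slot keeps the 0 written by `memset`, and the indices that are hashed later no longer match what the user typed. The in-loop branch reports `ParamError("KeyPair::generateFromPassphrase", "word didn't exist", acBuffer)` for the same situation, so the tail should take that error path too whenever `buffer_cursor` is non-zero. The loop also skips words with `buffer_cursor < 3`, which the tail does not; whether `acBuffer` and `buffer_cursor` are reset after each word is decided in lines outside this hunk, so confirm the tail sees only the final word.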
@@ -33,7 +33,7 @@ Languages PageRequestMessagedHandler::chooseLanguage(Poco::Net::HTTPServerReques $lang = in_array($lang, $acceptLang) ? $lang : 'en'; */ std::string accept_languages = request.get("HTTP_ACCEPT_LANGUAGE", ""); - printf("[PageRequestMessagedHandler::chooseLanguage] accept header: %s\n", accept_languages.data()); + //printf("[PageRequestMessagedHandler::chooseLanguage] accept header: %s\n", accept_languages.data()); } } diff --git a/src/cpp/HTTPInterface/TranslatePassphrase.cpp b/src/cpp/HTTPInterface/TranslatePassphrase.cpp index 34c37b02c..425e011eb 100644 --- a/src/cpp/HTTPInterface/TranslatePassphrase.cpp +++ b/src/cpp/HTTPInterface/TranslatePassphrase.cpp @@ -51,6 +51,14 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P inputPassphrase = form.get("inputPassphrase", ""); auto localPassphrase = KeyPair::filterPassphrase(inputPassphrase); + + auto btnGenerate = form.get("btnGenerate", ""); + if("" != btnGenerate) { + mSession->generatePassphrase(); + localPassphrase = mSession->getPassphrase(); + inputPassphrase = localPassphrase; + } + if(localPassphrase != "" && !User::validatePassphrase(localPassphrase, &wordSource)) { addError(new Error( gettext("Fehler"), @@ -65,10 +73,7 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P passphrase = KeyPair::passphraseTransform(localPassphrase, wordSource, targetSource); } - auto btnGenerate = form.get("btnGenerate", ""); - if("" != btnGenerate) { - passphrase = mSession->generatePassphrase(); - } + } #line 3 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header.cpsp" @@ -195,7 +200,7 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P responseStream << "\n"; responseStream << "
\n"; responseStream << "\t

"; -#line 54 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" +#line 59 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" responseStream << ( gettext("Passphrase umwandeln") ); responseStream << "

\n"; responseStream << "
\n"; @@ -206,57 +211,57 @@ void TranslatePassphrase::handleRequest(Poco::Net::HTTPServerRequest& request, P responseStream << "\t
\n"; responseStream << "\t\t
\n"; responseStream << "\t\t
"; -#line 62 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" +#line 67 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" responseStream << ( gettext("Was zu tun ist:") ); responseStream << "
\n"; responseStream << "\t\t

"; -#line 63 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" +#line 68 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" responseStream << ( gettext("Kopiere/schreibe deine Passphrase in die Textbox und du bekommst sie in die jeweils andere Sprache umgewandelt.") ); responseStream << "

\n"; responseStream << "\t\t

"; -#line 64 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" +#line 69 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" responseStream << ( gettext("Du kannst mit beiden Varianten dein Konto wiederherstellen oder dein Passwort ändern.") ); responseStream << "

\n"; responseStream << "\t\t
\n"; responseStream << "\t
\n"; responseStream << "\t
\n"; responseStream << "\t\t
\n"; responseStream << "\t\t
\n"; responseStream << "\t\t\t\n"; responseStream << "\t\t
\n"; responseStream << "\t\t \n"; responseStream << "\t\t "; -#line 73 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" - if(controller::USER_ROLE_ADMIN == role) { responseStream << "\n"; +#line 78 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" + if(model::table::ROLE_ADMIN == role) { responseStream << "\n"; responseStream << "\t\t\t\n"; responseStream << "\t\t "; -#line 75 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" +#line 80 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" } responseStream << "\n"; responseStream << "\t\t
\n"; responseStream << "\t
\n"; responseStream << "\t "; -#line 78 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" +#line 83 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" if(passphrase != "") { responseStream << "\n"; responseStream << "\t\t
\n"; responseStream << "\t\t\t
\n"; responseStream << "\t\t\t\t
Umgewandelte Passphrase:
\n"; responseStream << "\t\t\t\t

"; -#line 82 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" +#line 87 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" responseStream << ( passphrase ); responseStream << "

\n"; responseStream << "\t\t\t
\n"; responseStream << "\t\t
\n"; responseStream << "\t "; -#line 85 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" +#line 90 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\translatePassphrase.cpsp" } responseStream << "\n"; responseStream << "\t \n"; responseStream << "\t\n"; diff --git a/src/cpp/ImportantTests.cpp b/src/cpp/ImportantTests.cpp new file mode 100644 index 000000000..b7427b23d --- /dev/null +++ b/src/cpp/ImportantTests.cpp 
@@ -0,0 +1,50 @@ +#include "ImportantTests.h" + +#include +#include "ServerConfig.h" +#include "Crypto/KeyPair.h" + +namespace ImportantTests { + + bool passphraseGenerationAndTransformation() + { + auto de_words = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]; + auto en_words = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER]; + + std::string passphrase_1_de = "beziffern Anbeginn häkeln Sozialabgaben Rasen fließen Frau weltweit Urlaub Urwissen Lohn plötzlich Gefrierpunkt Derartig Biedermeier getragen denken Realisierung Boden maximal voneinander Fördern Braten Entlastung"; + std::string passphrase_1_en = "boil banner regret since goat awful crane imitate myth clump rally offer train airport purpose machine helmet ahead alley gesture load scrub river glory"; + std::string passphrase_1_pubkey_hex = "cfce9cfad355ceb8c099a97f55a2bd7aa8d2bd0b86970f7d1e135be9e1da5eb7"; + + std::string passphrase_2_de = "dazu Zyklus Danach Auge losfliegen besprechen stoßen ohne heutige Begründung Dogma Erkenntnis genießen Medaille Äste Google woher Sprache Pädagoge Schweigen rasant Sekunde nahm Nordstern"; + std::string passphrase_2_en = "place oblige gain jar neither note cry riot empty inform egg skate suffer garlic lake ladder liquid focus gorilla subject strong much oyster reduce"; + std::string passphrase_2_pubkey_hex = "3d547825bb53465579b95560981f444105495f2b6a68134fbec28ce518ac7b38"; + + KeyPair keys; + bool errorsOccured = false; + keys.generateFromPassphrase(passphrase_1_de.data(), de_words); + if (keys.getPubkeyHex() != passphrase_1_pubkey_hex) { + printf("1 de incorrect\n"); + errorsOccured = true; + } + keys.generateFromPassphrase(passphrase_1_en.data(), en_words); + if (keys.getPubkeyHex() != passphrase_1_pubkey_hex) { + printf("1 en incorrect\n"); + errorsOccured = true; + } + + keys.generateFromPassphrase(passphrase_2_de.data(), de_words); + if (keys.getPubkeyHex() != passphrase_2_pubkey_hex) { 
+ printf("2 de incorrect\n"); + errorsOccured = true; + } + keys.generateFromPassphrase(passphrase_2_en.data(), en_words); + if (keys.getPubkeyHex() != passphrase_2_pubkey_hex) { + printf("2 en incorrect\n"); + errorsOccured = true; + } + + if (!errorsOccured) return true; + return false; + } + +} \ No newline at end of file diff --git a/src/cpp/ImportantTests.h b/src/cpp/ImportantTests.h new file mode 100644 index 000000000..1a0838d8f --- /dev/null +++ b/src/cpp/ImportantTests.h @@ -0,0 +1,8 @@ +#ifndef __GRADIDO_LOGIN_SERVER_IMPORTANT_TESTS_H +#define __GRADIDO_LOGIN_SERVER_IMPORTANT_TESTS_H + +namespace ImportantTests { + bool passphraseGenerationAndTransformation(); +}; + +#endif //__GRADIDO_LOGIN_SERVER_IMPORTANT_TESTS_H \ No newline at end of file diff --git a/src/cpp/controller/User.h b/src/cpp/controller/User.h index f181dd087..b8ac5f45f 100644 --- a/src/cpp/controller/User.h +++ b/src/cpp/controller/User.h @@ -8,12 +8,12 @@ namespace controller { - enum UserLoadedRole { + /*enum UserLoadedRole { USER_ROLE_NOT_LOADED, USER_ROLE_CURRENTLY_LOADING, USER_ROLE_NONE, USER_ROLE_ADMIN - }; + };*/ class User : public TableControllerBase { diff --git a/src/cpp/main.cpp b/src/cpp/main.cpp index 98e761d80..670206e33 100644 --- a/src/cpp/main.cpp +++ b/src/cpp/main.cpp @@ -7,6 +7,7 @@ #include "model/Session.h" #include "lib/Profiler.h" #include "ServerConfig.h" +#include "ImportantTests.h" #include "model/table/User.h" #include "model/table/EmailOptIn.h" 
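Review bot: Each case ignores the `bool` returned by `generateFromPassphrase` and reuses the single `KeyPair keys`, so a failing call can go unnoticed: the `1 en` and `2 en` checks expect the same public key as the `de` call before them, and if a failed call leaves the previous key in place (not visible here) the comparison still passes. Check the return value and use a fresh object per case, e.g. `KeyPair k; if (!k.generateFromPassphrase(passphrase_1_en.data(), en_words) || k.getPubkeyHex() != passphrase_1_pubkey_hex) { ... }`. A comment above the vectors should state that these passphrases are published test vectors and must never back a real account.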
@@ -19,13 +20,19 @@ int main(int argc, char** argv) GOOGLE_PROTOBUF_VERIFY_VERSION; if (sodium_init() < 0) { /* panic! the library couldn't be initialized, it is not safe to use */ - printf("error initing sodium, early exit\n"); + printf("error initializing sodium, early exit\n"); return -1; } - ServerConfig::g_versionString = "0.20.KW08.02"; + + + + ServerConfig::g_versionString = "0.20.KW08.04"; printf("User size: %d Bytes, Session size: %d Bytes\n", sizeof(User), sizeof(Session)); printf("model sizes: User: %d Bytes, EmailOptIn: %d Bytes\n", sizeof(model::table::User), sizeof(model::table::EmailOptIn)); - + if (!ImportantTests::passphraseGenerationAndTransformation()) { + printf("test passphrase generation and transformation failed\n"); + return -2; + } Gradido_LoginServer app; return app.run(argc, argv); diff --git a/src/cpp/model/Session.cpp b/src/cpp/model/Session.cpp index b9e2e7298..92058b224 100644 --- a/src/cpp/model/Session.cpp +++ b/src/cpp/model/Session.cpp @@ -698,7 +698,7 @@ bool Session::deleteUser() void Session::setLanguage(Languages lang) { - printf("[Session::setLanguage] new language: %d\n", lang); + //printf("[Session::setLanguage] new language: %d\n", lang); lock("Session::setLanguage"); if (mLanguageCatalog.isNull() || mLanguageCatalog->getLanguage() != lang) { auto lm = LanguageManager::getInstance(); 
@@ -926,13 +926,13 @@ bool Session::useOrGeneratePassphrase(const std::string& passphase) bool Session::generatePassphrase() { auto lang = getLanguage(); - /*if (lang == LANG_EN) { + if (lang == LANG_EN) { mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER]); } else { mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]); - }*/ - mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]); + } + //mPassphrase = User::generateNewPassphrase(&ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]); updateState(SESSION_STATE_PASSPHRASE_GENERATED); return true; } diff --git a/src/cpsp/login.cpsp b/src/cpsp/login.cpsp index c73c029e3..e3890df74 100644 --- a/src/cpsp/login.cpsp +++ b/src/cpsp/login.cpsp @@ -22,7 +22,7 @@ auto em = ErrorManager::getInstance(); auto lang = chooseLanguage(request); - printf("choose language return: %d\n", lang); + //printf("choose language return: %d\n", lang); auto langCatalog = lm->getFreeCatalog(lang); std::string presetEmail(""); diff --git a/src/cpsp/translatePassphrase.cpsp b/src/cpsp/translatePassphrase.cpsp index e6f84ebd6..5a3c5e438 100644 --- a/src/cpsp/translatePassphrase.cpsp +++ b/src/cpsp/translatePassphrase.cpsp @@ -30,6 +30,14 @@ inputPassphrase = form.get("inputPassphrase", ""); auto localPassphrase = KeyPair::filterPassphrase(inputPassphrase); + + auto btnGenerate = form.get("btnGenerate", ""); + if("" != btnGenerate) { + mSession->generatePassphrase(); + localPassphrase = mSession->getPassphrase(); + inputPassphrase = localPassphrase; + } + if(localPassphrase != "" && !User::validatePassphrase(localPassphrase, &wordSource)) { addError(new Error( gettext("Fehler"), 
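Review bot: In translatePassphrase.cpsp the new `btnGenerate` branch runs for any request that carries that form field; the `model::table::ROLE_ADMIN == role` test further down only wraps template output, so if generation was meant to be limited to admins, the handler does not enforce it. `mSession->generatePassphrase()` also overwrites the session's `mPassphrase` and sets `SESSION_STATE_PASSPHRASE_GENERATED` (Session.cpp hunk in this commit), and its `bool` result is ignored here. Consider `if ("" != btnGenerate && model::table::ROLE_ADMIN == role) {`, provided `role` is already set at this point, which the hunk does not show. The generated TranslatePassphrase.cpp hunk mirrors this code and needs regenerating after the change.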
@@ -44,10 +52,7 @@ passphrase = KeyPair::passphraseTransform(localPassphrase, wordSource, targetSource); } - auto btnGenerate = form.get("btnGenerate", ""); - if("" != btnGenerate) { - passphrase = mSession->generatePassphrase(); - } + } %><%@ include file="login_header.cpsp" %><%@ include file="flags.cpsp" %>
@@ -70,7 +75,7 @@
- <% if(controller::USER_ROLE_ADMIN == role) { %> + <% if(model::table::ROLE_ADMIN == role) { %> <% } %>