From 9f010cc5df97104de4765bb8a0110cb828c598c3 Mon Sep 17 00:00:00 2001 From: Dario Date: Thu, 25 Jun 2020 12:06:46 +0200 Subject: [PATCH] use controller::User in RepairDefectPassphrase --- .../HTTPInterface/RepairDefectPassphrase.cpp | 132 +++++++++--------- src/cpsp/repairDefectPassphrase.cpsp | 100 +++++++------ 2 files changed, 112 insertions(+), 120 deletions(-) diff --git a/src/cpp/HTTPInterface/RepairDefectPassphrase.cpp b/src/cpp/HTTPInterface/RepairDefectPassphrase.cpp index 25430791b..5a7b323f2 100644 --- a/src/cpp/HTTPInterface/RepairDefectPassphrase.cpp +++ b/src/cpp/HTTPInterface/RepairDefectPassphrase.cpp @@ -10,6 +10,9 @@ #include "../SingletonManager/MemoryManager.h" #include "../SingletonManager/EmailManager.h" #include "../Crypto/KeyPair.h" +#include "../Crypto/Passphrase.h" +#include "../Crypto/KeyPairEd25519.h" +#include "../lib/DataTypeConverter.h" #include "../controller/UserBackups.h" #include "../tasks/SigningTransaction.h" #include "../ServerConfig.h" @@ -20,6 +23,8 @@ #include "Poco/Net/HTTPRequest.h" #include "Poco/Net/HTTPResponse.h" +#include + enum PageState { GENERATE_PASSPHRASE, 
@@ -48,14 +53,14 @@ void RepairDefectPassphrase::handleRequest(Poco::Net::HTTPServerRequest& request if (_compressResponse) response.set("Content-Encoding", "gzip"); Poco::Net::HTMLForm form(request, request.stream()); -#line 31 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 36 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" auto mm = MemoryManager::getInstance(); auto em = EmailManager::getInstance(); - auto user = mSession->getUser(); - auto privKey = user->getPrivKey(); + auto new_user = mSession->getNewUser(); + auto user_model = new_user->getModel(); auto adminEmail = em->getAdminReceiver(); - Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]; + Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER_FIXED_CASES]; std::string pageName = "Repariere Defekte Passphrase"; std::string errorString = ""; 
@@ -71,52 +76,46 @@ void RepairDefectPassphrase::handleRequest(Poco::Net::HTTPServerRequest& request printf("btn: %s\n", btn.data()); printf("btn2: %s\n", btn2.data()); if(btn == "Neue Passphrase generieren!") - { - if(!mSession->generatePassphrase()) + { + auto passphrase = Passphrase::generate(wordSource); + if(!passphrase->checkIfValid()) { - addError(new Error("Passphrase", "Fehler beim generieren der Passphrase, evt. erneut versuchen!")); + addError(new Error("Passphrase", "Fehler beim generieren oder validieren der Passphrase, evt. erneut versuchen!")); } else - { - auto newPassphrase = mSession->getPassphrase(); - if(!User::validatePassphrase(newPassphrase, &wordSource)) - { - addError(new Error("Passphrase", "Fehler beim validieren der Passphrase")); - } - else - { - KeyPair keys; - if(!keys.generateFromPassphrase(newPassphrase.data(), wordSource)) - { - addError(new Error("Passphrase", "Konnte keine Keys aus der Passphrase generieren")); - } - else - { - auto newPassphraseModel = controller::UserBackups::create(user->getDBId(), newPassphrase); - auto result = newPassphraseModel->getModel()->insertIntoDB(false); - //state = SHOW_PASSPHRASE; - if(result) { - state = SHOW_PASSPHRASE; - } else { - addError(new Error("Speichern", "Fehler beim speichern der neuen Passphrase, evt. erneut versuchen!")); - }//*/ - } + { + mSession->setPassphrase(passphrase); + auto newPassphraseModel = controller::UserBackups::create( + user_model->getID(), + passphrase->getString(), + ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER_FIXED_CASES + ); + auto result = newPassphraseModel->getModel()->insertIntoDB(false); + //state = SHOW_PASSPHRASE; + if(result) { + state = SHOW_PASSPHRASE; + } else { + addError(new Error("Speichern", "Fehler beim speichern der neuen Passphrase, evt. 
erneut versuchen!")); } } } else if("" != btn2) { - KeyPair keys; - auto newPassphrase = mSession->getPassphrase(); - if(!User::validatePassphrase(newPassphrase, &wordSource) || !keys.generateFromPassphrase(mSession->getPassphrase().data(), wordSource)) { + auto passphrase = mSession->getPassphrase(); + auto new_gradido_key_pair = std::unique_ptr(KeyPairEd25519::create(passphrase)); + + if(passphrase.isNull() || !passphrase->checkIfValid()) { addError(new Error("Passphrase", "Ungültige Passphrase, bitte neuladen")); } + if(!new_gradido_key_pair) { + addError(new Error("Keys", "Konnte keine Keys erstellen, bitte neuladen")); + } // create payload Poco::JSON::Object requestJson; Poco::JSON::Object pubkeys; - pubkeys.set("sender", user->getPublicKeyHex()); - pubkeys.set("receiver", keys.getPubkeyHex()); + pubkeys.set("sender", user_model->getPublicKeyHex()); + pubkeys.set("receiver", DataTypeConverter::pubkeyToHex(new_gradido_key_pair->getPublicKey())); requestJson.set("method", "moveTransaction"); requestJson.set("pubkeys", pubkeys); requestJson.set("memo", form.get("memo", "")); 
@@ -169,24 +168,21 @@ void RepairDefectPassphrase::handleRequest(Poco::Net::HTTPServerRequest& request if(!currentActiveTransaction->isTransfer()) { addError(new Error("Transaction", "Falsche Transaktion, bitte erst alle anderen Transaktionen abschließen und dann Seite neuladen")); } else { - auto signing = new SigningTransaction(currentActiveTransaction, user); + auto signing = new SigningTransaction(currentActiveTransaction, new_user); printf("[repairDefectPassphrase] before running sign\n"); if(!signing->run()) { - auto newUser = mSession->getNewUser(); - auto newUserModel = newUser->getModel(); - auto cryptedPrivKey = user->encrypt(keys.getPrivateKey()); - newUserModel->setPublicKey(keys.getPublicKey()); - newUserModel->setPrivateKey(cryptedPrivKey); - mm->releaseMemory(cryptedPrivKey); - if(!newUserModel->updatePrivkey() || !newUserModel->updatePublickey()) { - printf("[repairDefectPassphrase] error saving keys\n"); - addError(new Error("Speichern", "Fehler beim speichern der neuen Keys in die Datenbank, bitte erneut versuchen (Seite neuladen)")); + + if(new_user->setGradidoKeyPair(new_gradido_key_pair.release()) != 1) { + addError(new Error("Neues Schlüsselpaar", "Neuer Private Key konnte nicht verschlüsselt werden!")); } else { - //response.redirect(ServerConfig::g_serverPath + "/logout"); - //return; - printf("[repairDefectPassphrase] set state to FINISH\n"); - state = FINISH; + if(user_model->updatePubkeyAndPrivkey() != 1) { + addError(new Error("Speichern", "Fehler beim speichern der neuen Keys in die Datenbank, bitte erneut versuchen (Seite neuladen)")); + } else { + //printf("[repairDefectPassphrase] set state to FINISH\n"); + state = FINISH; + } } + } else { addError(new Error("Transaction", "Fehler beim signieren, bitter erneut versuchen")); } 
@@ -204,7 +200,7 @@ void RepairDefectPassphrase::handleRequest(Poco::Net::HTTPServerRequest& request //state = CREATE_TRANSACTION; } } - mm->releaseMemory(privKey); + std::ostream& _responseStream = response.send(); Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1); @@ -274,55 +270,55 @@ void RepairDefectPassphrase::handleRequest(Poco::Net::HTTPServerRequest& request responseStream << "\n"; // end include header_old.cpsp responseStream << "\n"; -#line 189 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 185 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" if("" != errorString) { responseStream << "\n"; responseStream << "\t"; -#line 190 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 186 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" responseStream << ( errorString ); responseStream << "\n"; -#line 191 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 187 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" } responseStream << "\n"; responseStream << "
\n"; responseStream << "\t"; -#line 193 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 189 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" responseStream << ( getErrorsHtml() ); responseStream << "\n"; responseStream << "\t

Konto reparieren

\n"; responseStream << "\t

Der Login-Server hat festgestellt das die gespeicherte Passphrase nicht zu deinem Konto passt.

\n"; responseStream << "\t"; -#line 196 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 192 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" if(GENERATE_PASSPHRASE == state) { responseStream << "\n"; responseStream << "\t\t"; -#line 197 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" - if(privKey) { responseStream << "\n"; +#line 193 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" + if(new_user->canDecryptPrivateKey()) { responseStream << "\n"; responseStream << "\t\t\t

Dein Privat Key konnte noch entschlüsselt werden. Es könnte also eine neue Passphrase generiert werden und dein aktueller Kontostand\n"; responseStream << "\t\t\tauf die neue Adresse transferiert werden.

\n"; responseStream << "\t\t\t
\n"; responseStream << "\t\t\t\t\n"; responseStream << "\t\t\t
\n"; responseStream << "\t\t"; -#line 203 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 199 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" } else { responseStream << "\n"; responseStream << "\t\t\t

Dein Privat Key konnte nicht entschlüsselt werden. Bitte wende dich an den Admin: "; -#line 204 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 200 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" responseStream << ( adminEmail ); responseStream << "

\n"; responseStream << "\t\t"; -#line 205 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 201 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" } responseStream << "\n"; responseStream << "\t"; -#line 206 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 202 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" } else if(SHOW_PASSPHRASE == state) { responseStream << "\n"; responseStream << "\t\t

Deine neue Passphrase, bitte schreibe sie dir auf (am besten auf einen Zettel) und hebe sie gut auf. \n"; responseStream << "\t\tDu brauchst sie wenn du dein Passwort vergessen hast oder dein Konto umziehen möchtest:

\n"; responseStream << "\t\t
Deine neue Passphrase:\n"; responseStream << "\t\t\t
\n"; responseStream << "\t\t\t\t"; -#line 211 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" - responseStream << ( mSession->getPassphrase() ); +#line 207 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" + responseStream << ( mSession->getPassphrase()->getString() ); responseStream << "\n"; responseStream << "\t\t\t
\n"; responseStream << "\t\t
\n"; @@ -332,15 +328,15 @@ void RepairDefectPassphrase::handleRequest(Poco::Net::HTTPServerRequest& request responseStream << "\t\t\t

\n"; responseStream << "\t\t\n"; responseStream << "\t"; -#line 219 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 215 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" } else if(FINISH == state) { responseStream << "\n"; responseStream << "\t\t

Neue Daten erfolgreich gespeichert, bitte logge dich nun aus. Danach kannst du dich gerne wieder einloggen und müsstest dein Guthaben wieder auf deinem Konto haben.

\n"; responseStream << "\t\tAusloggen\n"; responseStream << "\t"; -#line 222 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" +#line 218 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\repairDefectPassphrase.cpsp" } responseStream << "\n"; responseStream << "
\n"; // begin include footer.cpsp diff --git a/src/cpsp/repairDefectPassphrase.cpsp b/src/cpsp/repairDefectPassphrase.cpsp index 04f9962dc..fc9eba7fd 100644 --- a/src/cpsp/repairDefectPassphrase.cpsp +++ b/src/cpsp/repairDefectPassphrase.cpsp @@ -8,6 +8,9 @@ #include "../SingletonManager/MemoryManager.h" #include "../SingletonManager/EmailManager.h" #include "../Crypto/KeyPair.h" +#include "../Crypto/Passphrase.h" +#include "../Crypto/KeyPairEd25519.h" +#include "../lib/DataTypeConverter.h" #include "../controller/UserBackups.h" #include "../tasks/SigningTransaction.h" #include "../ServerConfig.h" @@ -18,6 +21,8 @@ #include "Poco/Net/HTTPRequest.h" #include "Poco/Net/HTTPResponse.h" +#include + enum PageState { GENERATE_PASSPHRASE, @@ -31,10 +36,10 @@ enum PageState <%% auto mm = MemoryManager::getInstance(); auto em = EmailManager::getInstance(); - auto user = mSession->getUser(); - auto privKey = user->getPrivKey(); + auto new_user = mSession->getNewUser(); + auto user_model = new_user->getModel(); auto adminEmail = em->getAdminReceiver(); - Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER]; + Mnemonic* wordSource = &ServerConfig::g_Mnemonic_WordLists[ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER_FIXED_CASES]; std::string pageName = "Repariere Defekte Passphrase"; std::string errorString = ""; 
@@ -50,52 +55,46 @@ enum PageState printf("btn: %s\n", btn.data()); printf("btn2: %s\n", btn2.data()); if(btn == "Neue Passphrase generieren!") - { - if(!mSession->generatePassphrase()) + { + auto passphrase = Passphrase::generate(wordSource); + if(!passphrase->checkIfValid()) { - addError(new Error("Passphrase", "Fehler beim generieren der Passphrase, evt. erneut versuchen!")); + addError(new Error("Passphrase", "Fehler beim generieren oder validieren der Passphrase, evt. erneut versuchen!")); } else - { - auto newPassphrase = mSession->getPassphrase(); - if(!User::validatePassphrase(newPassphrase, &wordSource)) - { - addError(new Error("Passphrase", "Fehler beim validieren der Passphrase")); - } - else - { - KeyPair keys; - if(!keys.generateFromPassphrase(newPassphrase.data(), wordSource)) - { - addError(new Error("Passphrase", "Konnte keine Keys aus der Passphrase generieren")); - } - else - { - auto newPassphraseModel = controller::UserBackups::create(user->getDBId(), newPassphrase); - auto result = newPassphraseModel->getModel()->insertIntoDB(false); - //state = SHOW_PASSPHRASE; - if(result) { - state = SHOW_PASSPHRASE; - } else { - addError(new Error("Speichern", "Fehler beim speichern der neuen Passphrase, evt. erneut versuchen!")); - }//*/ - } + { + mSession->setPassphrase(passphrase); + auto newPassphraseModel = controller::UserBackups::create( + user_model->getID(), + passphrase->getString(), + ServerConfig::MNEMONIC_GRADIDO_BOOK_GERMAN_RANDOM_ORDER_FIXED_CASES + ); + auto result = newPassphraseModel->getModel()->insertIntoDB(false); + //state = SHOW_PASSPHRASE; + if(result) { + state = SHOW_PASSPHRASE; + } else { + addError(new Error("Speichern", "Fehler beim speichern der neuen Passphrase, evt. 
erneut versuchen!")); } } } else if("" != btn2) { - KeyPair keys; - auto newPassphrase = mSession->getPassphrase(); - if(!User::validatePassphrase(newPassphrase, &wordSource) || !keys.generateFromPassphrase(mSession->getPassphrase().data(), wordSource)) { + auto passphrase = mSession->getPassphrase(); + auto new_gradido_key_pair = std::unique_ptr(KeyPairEd25519::create(passphrase)); + + if(passphrase.isNull() || !passphrase->checkIfValid()) { addError(new Error("Passphrase", "Ungültige Passphrase, bitte neuladen")); } + if(!new_gradido_key_pair) { + addError(new Error("Keys", "Konnte keine Keys erstellen, bitte neuladen")); + } // create payload Poco::JSON::Object requestJson; Poco::JSON::Object pubkeys; - pubkeys.set("sender", user->getPublicKeyHex()); - pubkeys.set("receiver", keys.getPubkeyHex()); + pubkeys.set("sender", user_model->getPublicKeyHex()); + pubkeys.set("receiver", DataTypeConverter::pubkeyToHex(new_gradido_key_pair->getPublicKey())); requestJson.set("method", "moveTransaction"); requestJson.set("pubkeys", pubkeys); requestJson.set("memo", form.get("memo", "")); 
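Review bot: In the `btn2` branch, `new_gradido_key_pair->getPublicKey()` is still dereferenced when `pubkeys` is built, even though `if(!new_gradido_key_pair)` has just recorded an error, so a failed `KeyPairEd25519::create` becomes a null dereference in the request handler instead of an error page. The old code also continued after `addError`, but `keys` was a stack object; with the `unique_ptr` the payload code should only run when both checks passed, for example inside an `else` after the two `addError` cases. `KeyPairEd25519::create(passphrase)` is also called before `passphrase.isNull()` is tested, and the first branch calls `passphrase->checkIfValid()` on the result of `Passphrase::generate(wordSource)` unchecked; whether either can see a null passphrase is not visible here, so I would test for null first. The `.cpp` hunk at `-71,52 +76,46` repeats this code and looks generated from this file (it carries `#line` references to the `.cpsp`); the `else if` body continues past the end of the hunk.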
@@ -148,24 +147,21 @@ enum PageState if(!currentActiveTransaction->isTransfer()) { addError(new Error("Transaction", "Falsche Transaktion, bitte erst alle anderen Transaktionen abschließen und dann Seite neuladen")); } else { - auto signing = new SigningTransaction(currentActiveTransaction, user); + auto signing = new SigningTransaction(currentActiveTransaction, new_user); printf("[repairDefectPassphrase] before running sign\n"); if(!signing->run()) { - auto newUser = mSession->getNewUser(); - auto newUserModel = newUser->getModel(); - auto cryptedPrivKey = user->encrypt(keys.getPrivateKey()); - newUserModel->setPublicKey(keys.getPublicKey()); - newUserModel->setPrivateKey(cryptedPrivKey); - mm->releaseMemory(cryptedPrivKey); - if(!newUserModel->updatePrivkey() || !newUserModel->updatePublickey()) { - printf("[repairDefectPassphrase] error saving keys\n"); - addError(new Error("Speichern", "Fehler beim speichern der neuen Keys in die Datenbank, bitte erneut versuchen (Seite neuladen)")); + + if(new_user->setGradidoKeyPair(new_gradido_key_pair.release()) != 1) { + addError(new Error("Neues Schlüsselpaar", "Neuer Private Key konnte nicht verschlüsselt werden!")); } else { - //response.redirect(ServerConfig::g_serverPath + "/logout"); - //return; - printf("[repairDefectPassphrase] set state to FINISH\n"); - state = FINISH; + if(user_model->updatePubkeyAndPrivkey() != 1) { + addError(new Error("Speichern", "Fehler beim speichern der neuen Keys in die Datenbank, bitte erneut versuchen (Seite neuladen)")); + } else { + //printf("[repairDefectPassphrase] set state to FINISH\n"); + state = FINISH; + } } + } else { addError(new Error("Transaction", "Fehler beim signieren, bitter erneut versuchen")); } @@ -183,7 +179,7 @@ enum PageState //state = CREATE_TRANSACTION; } } - mm->releaseMemory(privKey); + %><%@ include file="header_old.cpsp" %> <% if("" != errorString) { %> @@ -194,7 +190,7 @@ enum PageState
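Review bot: Both failure branches after a successful `signing->run()` now report only through `addError`, and the removed `printf("[repairDefectPassphrase] error saving keys\n")` was the only server-side trace of that state. The transfer to the new public key has already been signed by then, so if `setGradidoKeyPair(...)` or `updatePubkeyAndPrivkey()` returns anything other than 1 the stored key pair still belongs to the old address; that deserves a log entry naming the user id and the failed step, without any key or passphrase material. `new_gradido_key_pair.release()` also hands over a raw pointer to the new private key: if `setGradidoKeyPair` does not take ownership on its error path (not visible here), the object leaks without being wiped, so please confirm the callee's contract or keep the `unique_ptr` until the call has succeeded. The `.cpp` hunk at `-169,24 +168,21` repeats this code, and the surrounding block starts and ends outside the hunk.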

Konto reparieren

Der Login-Server hat festgestellt das die gespeicherte Passphrase nicht zu deinem Konto passt.

<% if(GENERATE_PASSPHRASE == state) { %> - <% if(privKey) { %> + <% if(new_user->canDecryptPrivateKey()) { %>

Dein Privat Key konnte noch entschlüsselt werden. Es könnte also eine neue Passphrase generiert werden und dein aktueller Kontostand auf die neue Adresse transferiert werden.

@@ -208,7 +204,7 @@ enum PageState Du brauchst sie wenn du dein Passwort vergessen hast oder dein Konto umziehen möchtest:

Deine neue Passphrase:
- <%= mSession->getPassphrase() %> + <%= mSession->getPassphrase()->getString() %>