work on signing transaction, fix bug with elopage webhook early exit

2025-12-13 07:45:54 +00:00 · 2019-10-29 10:34:06 +01:00 · 2019-10-29 10:34:06 +01:00 · a32df319c4
commit a32df319c4
parent ecee2f079f
10 changed files with 106 additions and 8 deletions
--- a/src/cpp/Gradido_LoginServer.cpp
+++ b/src/cpp/Gradido_LoginServer.cpp
@ -186,6 +186,9 @@ int Gradido_LoginServer::main(const std::vector<std::string>& args)

 		ServerConfig::unload();
 		Poco::Net::uninitializeSSL();
+		// Optional:  Delete all global objects allocated by libprotobuf.
+		google::protobuf::ShutdownProtobufLibrary();
+
 	}
 	return Application::EXIT_OK;
 }
--- a/src/cpp/HTTPInterface/ElopageWebhook.cpp
+++ b/src/cpp/HTTPInterface/ElopageWebhook.cpp
@ -82,6 +82,13 @@ void ElopageWebhook::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::
 				break;
 			}
 		}
+		// last key-value pair
+		std::string urlDecodedValue;
+		Poco::URI::decode(valueBuffer, urlDecodedValue);
+		if (strcmp(keyBuffer, "")) {
+			elopageRequestData.set(keyBuffer, urlDecodedValue);
+		}
+
 		//printf("[ElopageWebhook::handleRequest] key: %s, value: %s\n", keyBuffer, valueBuffer);
 	///	elopageRequestData.set(keyBuffer, valueBuffer);
 		stream.good();
--- a/src/cpp/SingletonManager/ErrorManager.cpp
+++ b/src/cpp/SingletonManager/ErrorManager.cpp
@ -56,6 +56,17 @@ void ErrorManager::addError(Error* error)

 }

+int ErrorManager::getErrors(ErrorList* send)
+{
+	Error* error = nullptr;
+	int iCount = 0;
+	while (error = send->getLastError()) {
+		addError(error);
+		iCount++;
+	}
+	return iCount;
+}
+
 void ErrorManager::sendErrorsAsEmail()
 {
 	auto message = new Poco::Net::MailMessage();
--- a/src/cpp/SingletonManager/ErrorManager.h
+++ b/src/cpp/SingletonManager/ErrorManager.h
@ -15,7 +15,7 @@
 #include <list>
 #include <map>
 #include <cstring>
-#include "../model/Error.h"
+#include "../model/ErrorList.h"
 #include "../Crypto/DRHash.h"
 #include "../tasks/CPUTask.h"

@ -33,6 +33,8 @@ public:
 	// will called delete on error 
 	virtual void addError(Error* error);

+	int getErrors(ErrorList* send);
+
 	virtual void sendErrorsAsEmail();

 protected:
--- a/src/cpp/model/Session.cpp
+++ b/src/cpp/model/Session.cpp
@ -8,8 +8,10 @@
 #include "../SingletonManager/SessionManager.h"
 #include "../SingletonManager/ConnectionManager.h"
 #include "../SingletonManager/ErrorManager.h"
+
 #include "../tasks/PrepareEmailTask.h"
 #include "../tasks/SendEmailTask.h"
+#include "../tasks/SigningTransaction.h"


 #include "sodium.h"
@ -344,7 +346,8 @@ void Session::finalizeTransaction(bool sign, bool reject)
 	
 	if (!reject) {
 		if (sign) {
-
+			Poco::AutoPtr<SigningTransaction> signingTransaction(new SigningTransaction(mCurrentActiveProcessingTransaction, mSessionUser));
+			signingTransaction->scheduleTask(signingTransaction);
 		}
 	}
 	mCurrentActiveProcessingTransaction = nullptr;
--- a/src/cpp/model/User.cpp
+++ b/src/cpp/model/User.cpp
@ -693,6 +693,35 @@ Poco::Data::BLOB* User::encrypt(const ObfusArray* data)
 	return result_blob;
 }

+ObfusArray* User::decrypt(const ObfusArray* encryptedData)
+{
+	if (!hasCryptoKey()) {
+		addError(new Error("User::decrypt", "hasn't crypto key"));
+		return nullptr;
+	}
+
+	//ObfusArray* decrypetData = new ObfusArray(encryptedData->size() - crypto_secretbox_MACBYTES);
+	
+	size_t decryptSize = encryptedData->size() - crypto_secretbox_MACBYTES;
+	unsigned char* decryptBuffer = (unsigned char*)malloc(decryptSize);
+	unsigned char nonce[crypto_secretbox_NONCEBYTES];
+	// we use a hardcoded value for nonce
+	memset(nonce, 31, crypto_secretbox_NONCEBYTES);
+
+	if (crypto_secretbox_open_easy(decryptBuffer, *encryptedData, encryptedData->size(), nonce, *mCryptoKey)) {
+		free(decryptBuffer);
+		addError(new Error("User::decrypt", "error decrypting"));
+		return nullptr;
+	}
+	/*int crypto_secretbox_open_easy(unsigned char *m, const unsigned char *c,
+		unsigned long long clen, const unsigned char *n,
+		const unsigned char *k);*/
+
+	ObfusArray* decryptedData = new ObfusArray(decryptSize, decryptBuffer);
+	free(decryptBuffer);
+	return decryptedData;	
+}
+
 Poco::Data::Statement User::insertIntoDB(Poco::Data::Session session)
 {

@ -779,4 +808,17 @@ const char* User::userStateToString(UserStates state)
 	case USER_COMPLETE: return "complete";
 	}
 	return "- unknown -";
+}
+
+ObfusArray* User::getPrivKey()
+{
+	if (mState != USER_COMPLETE) {
+		addError(new Error("User::getPrivKey", "no private key saved"));
+		return nullptr;
+	}
+	if (!hasCryptoKey()) {
+		addError(new Error("User::getPrivKey", "no crypto key set for decrypting priv key"));
+		return nullptr;
+	}
+	return decrypt(mPrivateKey);
 }
--- a/src/cpp/model/User.h
+++ b/src/cpp/model/User.h
@ -16,7 +16,7 @@ class UserCreateCryptoKey;
 class UserWriteIntoDB;
 class Session;
 class UserWriteCryptoKeyHashIntoDB;
-
+class SigningTransaction;

 enum UserStates
 {
@ -44,6 +44,7 @@ class User : public ErrorList
 	friend UserCreateCryptoKey;
 	friend UserWriteIntoDB;
 	friend UserWriteCryptoKeyHashIntoDB;
+	friend SigningTransaction;
 public:
 	// new user
 	User(const char* email, const char* first_name, const char* last_name);
@ -88,6 +89,7 @@ public:
 	bool validateIdentHash(HASH hash);
 	
 	Poco::Data::BLOB* encrypt(const ObfusArray* data);
+	ObfusArray* decrypt(const ObfusArray* encryptedData);

 	Poco::JSON::Object getJson();

@ -113,7 +115,7 @@ protected:
 	inline void lock() { mWorkingMutex.lock(); }
 	inline void unlock() { mWorkingMutex.unlock(); }

-	
+	ObfusArray* getPrivKey();

 private:
 	UserStates mState;
--- a/src/cpp/tasks/ProcessingTransaction.h
+++ b/src/cpp/tasks/ProcessingTransaction.h
@ -24,9 +24,11 @@ enum TransactionType {

 class TransactionCreation;
 class TransactionTransfer;
+class SigningTransaction;

 class ProcessingTransaction : public UniLib::controller::CPUTask, public ErrorList
 {
+	friend SigningTransaction;
 public:
 	ProcessingTransaction(const std::string& proto_message_base64);
 	virtual ~ProcessingTransaction();
--- a/src/cpp/tasks/SigningTransaction.cpp
+++ b/src/cpp/tasks/SigningTransaction.cpp
@ -1,7 +1,9 @@
 #include "SigningTransaction.h"

-SigningTransaction::SigningTransaction(Poco::AutoPtr<ProcessingTransaction> transactionBody)
-	: mTransactionBody(transactionBody)
+#include "../SingletonManager/ErrorManager.h"
+
+SigningTransaction::SigningTransaction(Poco::AutoPtr<ProcessingTransaction> processingeTransaction, Poco::AutoPtr<User> user)
+	: mProcessingeTransaction(processingeTransaction), mUser(user)
 {

 }
@ -12,5 +14,27 @@ SigningTransaction::~SigningTransaction()
 }

 int SigningTransaction::run() {
+	auto em = ErrorManager::getInstance();
+
+
+	Error* transactionError = new Error("SigningTransaction start", mProcessingeTransaction->mTransactionBody.SerializeAsString().data());
+	
+	//= new Error("SigningTransaction start", mProcessingeTransaction->g)
+	if (mUser.isNull() || !mUser->hasCryptoKey()) {
+		em->addError(new Error("SigningTransaction", "user hasn't crypto key or is null"));
+		em->sendErrorsAsEmail();
+		return -1;
+	}
+
+	auto privKey = mUser->getPrivKey();
+	if (!privKey) {
+		em->getErrors(mUser);
+		em->addError(new Error("SigningTransaction", "couldn't get user priv key"));
+		em->sendErrorsAsEmail();
+		return -2;
+	}
+
+	delete privKey;
+
 	return 0;
 }
--- a/src/cpp/tasks/SigningTransaction.h
+++ b/src/cpp/tasks/SigningTransaction.h
@ -5,6 +5,7 @@

 #include "../model/ErrorList.h"
 #include "../model/TransactionBase.h"
+#include "../model/User.h"

 #include "../proto/gradido/Transaction.pb.h"

@ -20,7 +21,7 @@
 class SigningTransaction : public UniLib::controller::CPUTask, public ErrorList
 {
 public:
-	SigningTransaction(Poco::AutoPtr<ProcessingTransaction> transactionBody);
+	SigningTransaction(Poco::AutoPtr<ProcessingTransaction> processingeTransaction, Poco::AutoPtr<User> user);
 	virtual ~SigningTransaction();

 	int run();
@ -30,7 +31,8 @@ public:
 	

 protected:
-	Poco::AutoPtr<ProcessingTransaction> mTransactionBody;
+	Poco::AutoPtr<ProcessingTransaction> mProcessingeTransaction;
+	Poco::AutoPtr<User>	mUser;
 	
 private: