adding debugging passphrase

src/cpp/Crypto/KeyPair.cpp

@@ -90,7 +90,8 @@ bool KeyPair::generateFromPassphrase(const char* passphrase, Mnemonic* word_sour
 	
 	// debug passphrase
 //	printf("\passsphrase: <%s>\n", passphrase);
-//	printf("word_indices: \n%s\n", getHex((unsigned char*)word_indices, sizeof(word_indices)).data());
+	printf("word_indices: \n%s\n", getHex((unsigned char*)word_indices, sizeof(word_indices)).data());
+	printf("clear passphrase: \n%s\n", clearPassphrase.data());
 //	printf("passphrase bin: \n%s\n\n", getHex((unsigned char*)passphrase, pass_phrase_size).data());
 
 	//ed25519_create_keypair(public_key, private_key, hash);
@@ -212,6 +213,11 @@ std::string KeyPair::getHex(const unsigned char* data, Poco::UInt32 size)
 	return hex;
 }
 
+std::string KeyPair::getHex(const MemoryBin* data)
+{
+	return getHex(*data, data->size());
+}
+
 bool KeyPair::savePrivKey(int userId)
 {
 	auto cm = ConnectionManager::getInstance();

src/cpp/Crypto/KeyPair.h

@@ -12,11 +12,13 @@
 
 class UserWriteKeysIntoDB;
 class UserGenerateKeys;
+class DebugPassphrasePage;
 // TODO: https://libsodium.gitbook.io/doc/advanced/ed25519-curve25519
 class KeyPair 
 {
 	friend UserWriteKeysIntoDB;
 	friend UserGenerateKeys;
+	friend DebugPassphrasePage;
 public:
 	KeyPair();
 	~KeyPair();
@@ -26,6 +28,7 @@ public:
 	std::string getPubkeyHex();
 	bool savePrivKey(int userId);
 	static std::string getHex(const unsigned char* data, Poco::UInt32 size);
+	static std::string getHex(const MemoryBin* data);
 	
 	inline const unsigned char* getPublicKey() const { return mSodiumPublic; }
 

src/cpp/HTTPInterface/DebugPassphrasePage.cpp

@@ -0,0 +1,187 @@
+#include "DebugPassphrasePage.h"
+#include "Poco/Net/HTTPServerRequest.h"
+#include "Poco/Net/HTTPServerResponse.h"
+#include "Poco/Net/HTMLForm.h"
+#include "Poco/DeflatingStream.h"
+
+
+#line 7 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+
+#include "../crypto/KeyPair.h"
+#line 1 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
+ 
+#include "../ServerConfig.h"	
+
+
+DebugPassphrasePage::DebugPassphrasePage(Session* arg):
+	SessionHTTPRequestHandler(arg)
+{
+}
+
+
+void DebugPassphrasePage::handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response)
+{
+	response.setChunkedTransferEncoding(true);
+	response.setContentType("text/html");
+	bool _compressResponse(request.hasToken("Accept-Encoding", "gzip"));
+	if (_compressResponse) response.set("Content-Encoding", "gzip");
+
+	Poco::Net::HTMLForm form(request, request.stream());
+#line 10 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+
+	const char* pageName = "Debug Passphrase";
+	auto mm = MemoryManager::getInstance();
+	KeyPair keys;
+	std::string privKeyHex = "";
+	std::string privKeyCryptedHex = "";
+	User::passwordHashed pwdHashed = 0;
+	if(!form.empty()) {
+		auto passphrase = KeyPair::filterPassphrase(form.get("passphrase", ""));
+		Mnemonic* wordSource = nullptr;
+		if(!User::validatePassphrase(passphrase, &wordSource)) {
+			addError(new Error("debug Passphrase", "invalid passphrase"));
+		} else {
+			keys.generateFromPassphrase(passphrase.data(), wordSource);
+		}
+		auto newUser = new User(form.get("email", "").data(), "first_name", "last_name");
+		newUser->validatePwd(form.get("password", ""), this);
+		pwdHashed = newUser->getPwdHashed();
+		auto privKey = keys.getPrivateKey();
+		if(privKey) {
+			privKeyHex = KeyPair::getHex(privKey);
+			auto privKeyCrypted = newUser->encrypt(privKey);
+			if(privKeyCrypted) {
+				privKeyCryptedHex = KeyPair::getHex(privKeyCrypted);
+				mm->releaseMemory(privKeyCrypted);
+			}
+		}
+		getErrors(newUser);
+		delete newUser;
+	}
+		
+	
+	std::ostream& _responseStream = response.send();
+	Poco::DeflatingOutputStream _gzipStream(_responseStream, Poco::DeflatingStreamBuf::STREAM_GZIP, 1);
+	std::ostream& responseStream = _compressResponse ? _gzipStream : _responseStream;
+	responseStream << "\n";
+	// begin include header_old.cpsp
+	responseStream << "\n";
+	responseStream << "<!DOCTYPE html>\n";
+	responseStream << "<html>\n";
+	responseStream << "<head>\n";
+	responseStream << "<meta charset=\"UTF-8\">\n";
+	responseStream << "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n";
+	responseStream << "<title>Gradido Login Server: ";
+#line 9 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
+	responseStream << ( pageName );
+	responseStream << "</title>\n";
+	responseStream << "<!--<link rel=\"stylesheet\" type=\"text/css\" href=\"css/styles.min.css\">-->\n";
+	responseStream << "<link rel=\"stylesheet\" type=\"text/css\" href=\"";
+#line 11 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
+	responseStream << ( ServerConfig::g_php_serverPath );
+	responseStream << "/css/styles.css\">\n";
+	responseStream << "<style type=\"text/css\" >\n";
+	responseStream << ".grd_container\n";
+	responseStream << "{\n";
+	responseStream << "  max-width:820px;\n";
+	responseStream << "  margin-left:auto;\n";
+	responseStream << "  margin-right:auto;\n";
+	responseStream << "}\n";
+	responseStream << "\n";
+	responseStream << "input:not([type='radio']) {\n";
+	responseStream << "\twidth:200px;\n";
+	responseStream << "}\n";
+	responseStream << "label:not(.grd_radio_label) {\n";
+	responseStream << "\twidth:80px;\n";
+	responseStream << "\tdisplay:inline-block;\n";
+	responseStream << "}\n";
+	responseStream << ".grd_container_small\n";
+	responseStream << "{\n";
+	responseStream << "  max-width:500px;\n";
+	responseStream << "}\n";
+	responseStream << ".grd_text {\n";
+	responseStream << "  max-width:550px;\n";
+	responseStream << "  margin-bottom: 5px;\n";
+	responseStream << "}\n";
+	responseStream << ".dev-info {\n";
+	responseStream << "\tposition: fixed;\n";
+	responseStream << "\tcolor:grey;\n";
+	responseStream << "\tfont-size: smaller;\n";
+	responseStream << "\tleft:8px;\n";
+	responseStream << "}\n";
+	responseStream << ".grd-time-used {  \n";
+	responseStream << "  bottom:0;\n";
+	responseStream << "} \n";
+	responseStream << "\n";
+	responseStream << ".versionstring {\n";
+	responseStream << "\ttop:0;\n";
+	responseStream << "}\n";
+	responseStream << "</style>\n";
+	responseStream << "</head>\n";
+	responseStream << "<body>\n";
+	responseStream << "<div class=\"versionstring dev-info\">\n";
+	responseStream << "\t<p class=\"grd_small\">Login Server in Entwicklung</p>\n";
+	responseStream << "\t<p class=\"grd_small\">Alpha ";
+#line 53 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\header_old.cpsp"
+	responseStream << ( ServerConfig::g_versionString );
+	responseStream << "</p>\n";
+	responseStream << "</div>\n";
+	// end include header_old.cpsp
+	responseStream << "\n";
+	responseStream << "<div class=\"grd_container\">\n";
+	responseStream << "\t<h1>Debug Passphrase</h1>\n";
+	responseStream << "\t";
+#line 45 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+	responseStream << ( getErrorsHtml() );
+	responseStream << "\n";
+	responseStream << "\t<form method=\"POST\">\n";
+	responseStream << "\t\t<fieldset class=\"grd_container_small\">\n";
+	responseStream << "\t\t\t<legend>Userdata</legend>\n";
+	responseStream << "\t\t\t<p class=\"grd_small\">\n";
+	responseStream << "\t\t\t\t<label for=\"email\">E-Mail</label>\n";
+	responseStream << "\t\t\t\t<input id=\"email\" type=\"email\" name=\"email\" value=\"";
+#line 51 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+	responseStream << ( !form.empty() ? form.get("email") : "" );
+	responseStream << "\"/>\n";
+	responseStream << "\t\t\t</p>\n";
+	responseStream << "\t\t\t<p class=\"grd_small\">\n";
+	responseStream << "\t\t\t\t<label for=\"password\">Passwort</label>\n";
+	responseStream << "\t\t\t\t<input id=\"password\" type=\"password\" name=\"password\"/>\n";
+	responseStream << "\t\t\t</p>\n";
+	responseStream << "\t\t\t<textarea style=\"width:100%;height:100px\" name=\"passphrase\">";
+#line 57 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+	responseStream << ( !form.empty() ? form.get("passphrase", "") : "" );
+	responseStream << "</textarea>\n";
+	responseStream << "\t\t</fieldset>\n";
+	responseStream << "\t\t<input class=\"grd-form-bn grd-form-bn-succeed\" type=\"submit\" name=\"submit\" value=\"Debug\">\n";
+	responseStream << "\t</form>\n";
+	responseStream << "\t<p>Public key:<br>";
+#line 61 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+	responseStream << ( keys.getPubkeyHex() );
+	responseStream << "</p>\n";
+	responseStream << "\t<p>Private Key:<br>";
+#line 62 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+	responseStream << ( privKeyHex );
+	responseStream << "</p>\n";
+	responseStream << "\t<p>Passwort Hashed:<br>";
+#line 63 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+	responseStream << ( std::to_string(pwdHashed) );
+	responseStream << "</p>\n";
+	responseStream << "\t<p>Private key crypted:<br>";
+#line 64 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\debugPassphrase.cpsp"
+	responseStream << ( privKeyCryptedHex );
+	responseStream << "</p>\n";
+	responseStream << "</div>\n";
+	// begin include footer.cpsp
+	responseStream << "\t<div class=\"grd-time-used dev-info\">\n";
+	responseStream << "\t\t\t";
+#line 2 "F:\\Gradido\\gradido_login_server\\src\\cpsp\\footer.cpsp"
+	responseStream << ( mTimeProfiler.string() );
+	responseStream << "\n";
+	responseStream << "\t</div>\n";
+	responseStream << "</body>\n";
+	responseStream << "</html>";
+	// end include footer.cpsp
+	responseStream << "\n";
+	if (_compressResponse) _gzipStream.close();
+}

src/cpp/HTTPInterface/DebugPassphrasePage.h

@@ -0,0 +1,20 @@
+#ifndef DebugPassphrasePage_INCLUDED
+#define DebugPassphrasePage_INCLUDED
+
+
+#include "Poco/Net/HTTPRequestHandler.h"
+
+
+#include "SessionHTTPRequestHandler.h"
+
+
+class DebugPassphrasePage: public SessionHTTPRequestHandler
+{
+public:
+	DebugPassphrasePage(Session*);
+
+	void handleRequest(Poco::Net::HTTPServerRequest& request, Poco::Net::HTTPServerResponse& response);
+};
+
+
+#endif // DebugPassphrasePage_INCLUDED

src/cpp/HTTPInterface/ElopageWebhook.cpp

@@ -228,7 +228,7 @@ int HandleElopageRequestTask::run()
 	// get input data
 	// check event type
 	std::string event = mRequestData.get("event", "");
-	if (event == "lesson.viewed" || event == "lesson.completed") {
+	if (event == "lesson.viewed" || event == "lesson.completed" || event == "lesson.commented") {
 		return 0;
 	}
 

src/cpp/HTTPInterface/PageRequestHandlerFactory.cpp

@@ -19,6 +19,7 @@
 #include "CheckTransactionPage.h"
 #include "ResetPassword.h"
 #include "RegisterAdminPage.h"
+#include "DebugPassphrasePage.h"
 
 #include "DecodeTransactionPage.h"
 
@@ -132,10 +133,17 @@ Poco::Net::HTTPRequestHandler* PageRequestHandlerFactory::createRequestHandler(c
 			pageRequestHandler->setProfiler(timeUsed);
 			return pageRequestHandler;
 		}
-		if (url_first_part == "/adminRegister") {
-			auto pageRequestHandler = new RegisterAdminPage(s);
-			pageRequestHandler->setProfiler(timeUsed);
-			return pageRequestHandler;
+		if (s->getNewUser()->getModel()->getRole() == model::table::ROLE_ADMIN) {
+			if (url_first_part == "/adminRegister") {
+				auto pageRequestHandler = new RegisterAdminPage(s);
+				pageRequestHandler->setProfiler(timeUsed);
+				return pageRequestHandler;
+			}
+			if (url_first_part == "/debugPassphrase") {
+				auto pageRequestHandler = new DebugPassphrasePage(s);
+				pageRequestHandler->setProfiler(timeUsed);
+				return pageRequestHandler;
+			}
 		}
 
 		if(url_first_part == "/logout") {

src/cpp/model/User.cpp

@@ -748,6 +748,12 @@ bool User::validatePwd(const std::string& pwd, ErrorList* validationErrorsToPrin
 	if (sizeof(User::passwordHashed) != crypto_shorthash_BYTES) {
 		throw Poco::Exception("crypto_shorthash_BYTES != sizeof(User::passwordHashed)");
 	}
+	if (nullptr == cmpCryptoKey) {
+		if (validationErrorsToPrint) {
+			validationErrorsToPrint->addError(new Error("User::validatePwd", "couldn't create crypto key"));
+			return false;
+		}
+	}
 	User::passwordHashed pwdHashed;
 	if (!ServerConfig::g_ServerCryptoKey) {
 		if (validationErrorsToPrint) {

src/cpp/model/User.h

@@ -23,7 +23,7 @@ class Session;
 class UserWriteCryptoKeyHashIntoDB;
 class SigningTransaction;
 class UserGenerateKeys;
-
+class DebugPassphrasePage;
 
 enum UserStates
 {
@@ -54,6 +54,7 @@ class User : public ErrorList
 	friend UserWriteCryptoKeyHashIntoDB;
 	friend SigningTransaction;
 	friend UserGenerateKeys;
+	friend DebugPassphrasePage;
 public:
 	// new user
 	User(const char* email, const char* first_name, const char* last_name);

src/cpp/tasks/SigningTransaction.cpp

@@ -1,5 +1,7 @@
 #include "SigningTransaction.h"
 
+#include <google/protobuf/text_format.h>
+
 #include "../SingletonManager/ErrorManager.h"
 #include "../SingletonManager/MemoryManager.h"
 #include "../SingletonManager/SingletonTaskObserver.h"
@@ -99,7 +101,14 @@ int SigningTransaction::run() {
 	*sigBytes = std::string((char*)*sign, sign->size());
 	mm->releaseMemory(sign);
 	
-
+	/*std::string protoPrettyPrint;
+	google::protobuf::TextFormat::PrintToString(transaction, &protoPrettyPrint);
+	printf("transaction pretty: %s\n", protoPrettyPrint.data());
+	model::messages::gradido::TransactionBody transactionBody;
+	transactionBody.MergeFromString(transaction.bodybytes());
+	google::protobuf::TextFormat::PrintToString(transactionBody, &protoPrettyPrint);
+	printf("transaction body pretty: \n%s\n", protoPrettyPrint.data());
+	*/
 	// finalize
 	//printf("sigpair size: %d\n", transaction.sigmap().sigpair_size());
 	std::string finalTransactionBin = transaction.SerializeAsString();
@@ -199,6 +208,7 @@ int SigningTransaction::run() {
 		sendErrorsAsEmail();
 		return -8;
 	}
+	
 
 	return 0;
 }

src/cpsp/debugPassphrase.cpsp

@@ -0,0 +1,66 @@
+<%@ page class="DebugPassphrasePage" %>
+<%@ page form="true" %>
+<%@	page compressed="true" %>
+<%@ page baseClass="SessionHTTPRequestHandler" %>
+<%@ page ctorArg="Session*" %>
+<%@ header include="SessionHTTPRequestHandler.h" %>
+<%!
+#include "../crypto/KeyPair.h"
+%>
+<%%
+	const char* pageName = "Debug Passphrase";
+	auto mm = MemoryManager::getInstance();
+	KeyPair keys;
+	std::string privKeyHex = "";
+	std::string privKeyCryptedHex = "";
+	User::passwordHashed pwdHashed = 0;
+	if(!form.empty()) {
+		auto passphrase = KeyPair::filterPassphrase(form.get("passphrase", ""));
+		Mnemonic* wordSource = nullptr;
+		if(!User::validatePassphrase(passphrase, &wordSource)) {
+			addError(new Error("debug Passphrase", "invalid passphrase"));
+		} else {
+			keys.generateFromPassphrase(passphrase.data(), wordSource);
+		}
+		auto newUser = new User(form.get("email", "").data(), "first_name", "last_name");
+		newUser->validatePwd(form.get("password", ""), this);
+		pwdHashed = newUser->getPwdHashed();
+		auto privKey = keys.getPrivateKey();
+		if(privKey) {
+			privKeyHex = KeyPair::getHex(privKey);
+			auto privKeyCrypted = newUser->encrypt(privKey);
+			if(privKeyCrypted) {
+				privKeyCryptedHex = KeyPair::getHex(privKeyCrypted);
+				mm->releaseMemory(privKeyCrypted);
+			}
+		}
+		getErrors(newUser);
+		delete newUser;
+	}
+		
+	
+%><%@ include file="header_old.cpsp" %>
+<div class="grd_container">
+	<h1>Debug Passphrase</h1>
+	<%= getErrorsHtml() %>
+	<form method="POST">
+		<fieldset class="grd_container_small">
+			<legend>Userdata</legend>
+			<p class="grd_small">
+				<label for="email">E-Mail</label>
+				<input id="email" type="email" name="email" value="<%= !form.empty() ? form.get("email") : "" %>"/>
+			</p>
+			<p class="grd_small">
+				<label for="password">Passwort</label>
+				<input id="password" type="password" name="password"/>
+			</p>
+			<textarea style="width:100%;height:100px" name="passphrase"><%= !form.empty() ? form.get("passphrase", "") : "" %></textarea>
+		</fieldset>
+		<input class="grd-form-bn grd-form-bn-succeed" type="submit" name="submit" value="Debug">
+	</form>
+	<p>Public key:<br><%= keys.getPubkeyHex() %></p>
+	<p>Private Key:<br><%= privKeyHex %></p>
+	<p>Passwort Hashed:<br><%= std::to_string(pwdHashed) %></p>
+	<p>Private key crypted:<br><%= privKeyCryptedHex %></p>
+</div>
+<%@ include file="footer.cpsp" %>