From 5a8bc256b30ee9b3d1a72da7f961803b01335225 Mon Sep 17 00:00:00 2001 From: Anthony Laibe Date: Fri, 10 Feb 2023 11:49:12 +0100 Subject: [PATCH] feat(@general): lower case password --- src/app_service/common/string_utils.nim | 4 - src/app_service/common/utils.nim | 14 +++- src/app_service/service/accounts/service.nim | 77 +++++++++++-------- .../service/wallet_account/service.nim | 16 ++-- src/backend/accounts.nim | 12 ++- src/backend/browser.nim | 2 +- src/backend/chat.nim | 2 +- src/backend/chatCommands.nim | 2 +- src/backend/communities.nim | 2 +- src/backend/community_tokens.nim | 2 +- src/backend/contacts.nim | 2 +- src/backend/ens.nim | 2 +- src/backend/general.nim | 2 +- src/backend/installations.nim | 2 +- src/backend/mailservers.nim | 2 +- src/backend/messages.nim | 2 +- src/backend/node.nim | 2 +- src/backend/node_config.nim | 2 +- src/backend/privacy.nim | 14 +++- src/backend/provider.nim | 2 +- src/backend/stickers.nim | 2 +- src/backend/utils.nim | 12 --- vendor/nim-status-go | 2 +- vendor/status-go | 2 +- 24 files changed, 108 insertions(+), 75 deletions(-) delete mode 100644 src/app_service/common/string_utils.nim delete mode 100644 src/backend/utils.nim diff --git a/src/app_service/common/string_utils.nim b/src/app_service/common/string_utils.nim deleted file mode 100644 index cd8b9b8b81..0000000000 --- a/src/app_service/common/string_utils.nim +++ /dev/null @@ -1,4 +0,0 @@ -import nimcrypto - -proc hashString*(text: string): string = - result = "0x" & $keccak_256.digest(text) diff --git a/src/app_service/common/utils.nim b/src/app_service/common/utils.nim index cb4647d7b1..8eab410f97 100644 --- a/src/app_service/common/utils.nim +++ b/src/app_service/common/utils.nim @@ -10,8 +10,18 @@ const ETH_DOMAIN* = ".eth" proc arrayContains*[T](arr: seq[T], value: T): bool = return arr.any(x => x == value) -proc hashPassword*(password: string): string = - result = "0x" & $keccak_256.digest(password) +proc hashPassword*(password: string, lower: bool = true): string = + let hashed = "0x" & $keccak_256.digest(password) + + if lower: + return hashed.toLowerAscii() + + return hashed + +proc prefix*(methodName: string, isExt:bool = true): string = + result = "waku" + result = result & (if isExt: "ext_" else: "_") + result = result & methodName proc generateSigningPhrase*(count: int): string = let now = getTime() diff --git a/src/app_service/service/accounts/service.nim b/src/app_service/service/accounts/service.nim index c9096599d6..25783dfc36 100644 --- a/src/app_service/service/accounts/service.nim +++ b/src/app_service/service/accounts/service.nim @@ -7,12 +7,13 @@ import ./dto/generated_accounts as dto_generated_accounts from ../keycard/service import KeycardEvent, KeyDetails import ../../../backend/general as status_general import ../../../backend/core as status_core +import ../../../backend/privacy as status_privacy import ../../../app/core/eventemitter import ../../../app/core/signals/types import ../../../app/core/tasks/[qt, threadpool] import ../../../app/core/fleets/fleet_configuration -import ../../common/[account_constants, network_constants, utils, string_utils] +import ../../common/[account_constants, network_constants, utils] import ../../../constants as main_constants import ../settings/dto/settings as settings @@ -377,7 +378,7 @@ QtObject: error "error: ", procName="setupAccount", errDesription = description return description - let hashedPassword = hashString(password) + let hashedPassword = hashPassword(password) discard self.storeAccount(accountId, hashedPassword) discard self.storeDerivedAccounts(accountId, hashedPassword, PATHS) self.loggedInAccount = self.saveAccountAndLogin(hashedPassword, @@ -549,9 +550,35 @@ QtObject: error "error: ", procName="importMnemonic", errName = e.name, errDesription = e.msg return e.msg + proc verifyAccountPassword*(self: Service, account: string, password: string): bool = + try: + let response = status_account.verifyAccountPassword(account, password, self.keyStoreDir) + if(response.result.contains("error")): + let errMsg = response.result["error"].getStr + if(errMsg.len == 0): + return true + else: + error "error: ", procName="verifyAccountPassword", errDesription = errMsg + return false + except Exception as e: + error "error: ", procName="verifyAccountPassword", errName = e.name, errDesription = e.msg + + proc verifyDatabasePassword*(self: Service, keyuid: string, hashedPassword: string): bool = + try: + let response = status_account.verifyDatabasePassword(keyuid, hashedPassword) + if(response.result.contains("error")): + let errMsg = response.result["error"].getStr + if(errMsg.len == 0): + return true + else: + error "error: ", procName="verifyDatabasePassword", errDesription = errMsg + return false + except Exception as e: + error "error: ", procName="verifyDatabasePassword", errName = e.name, errDesription = e.msg + proc login*(self: Service, account: AccountDto, password: string): string = try: - let hashedPassword = hashString(password) + let hashedPassword = hashPassword(password) var thumbnailImage: string var largeImage: string for img in account.images: @@ -615,17 +642,21 @@ QtObject: "DiscV5BootstrapNodes": @[] } - let response = status_account.login(account.name, account.keyUid, account.kdfIterations, hashedPassword, thumbnailImage, - largeImage, $nodeCfg) - var error = "response doesn't contain \"error\"" - if(response.result.contains("error")): - error = response.result["error"].getStr - if error == "": - debug "Account logged in" - self.loggedInAccount = account - self.setLocalAccountSettingsFile() - return error + let isOldHashPassword = self.verifyDatabasePassword(account.keyUid, hashPassword(password, lower=false)) + if isOldHashPassword: + discard status_privacy.lowerDatabasePassword(account.keyUid, password) + + let response = status_account.login( + account.name, account.keyUid, account.kdfIterations, hashedPassword, thumbnailImage, largeImage, $nodeCfg + ) + if response.result{"error"}.getStr == "": + debug "Account logged in" + self.loggedInAccount = account + self.setLocalAccountSettingsFile() + return "" + + return response.result{"error"}.getStr except Exception as e: error "error: ", procName="login", errName = e.name, errDesription = e.msg @@ -661,20 +692,6 @@ QtObject: error "error: ", procName="loginAccountKeycard", errName = e.name, errDesription = e.msg return e.msg - proc verifyAccountPassword*(self: Service, account: string, password: string): bool = - try: - let response = status_account.verifyAccountPassword(account, password, self.keyStoreDir) - if(response.result.contains("error")): - let errMsg = response.result["error"].getStr - if(errMsg.len == 0): - return true - else: - error "error: ", procName="verifyAccountPassword", errDesription = errMsg - return false - except Exception as e: - error "error: ", procName="verifyAccountPassword", errName = e.name, errDesription = e.msg - - proc convertToKeycardAccount*(self: Service, currentPassword: string, newPassword: string) = var accountDataJson = %* { "key-uid": self.getLoggedInAccount().keyUid, @@ -689,7 +706,7 @@ QtObject: error "error: ", procName="convertToKeycardAccount", errDesription = description return - let hashedCurrentPassword = hashString(currentPassword) + let hashedCurrentPassword = hashPassword(currentPassword) let arg = ConvertToKeycardAccountTaskArg( tptr: cast[ByteAddress](convertToKeycardAccountTask), vptr: cast[ByteAddress](self.vptr), @@ -718,7 +735,7 @@ QtObject: self.events.emit(SIGNAL_CONVERTING_PROFILE_KEYPAIR, ResultArgs(success: result)) proc convertToRegularAccount*(self: Service, mnemonic: string, currentPassword: string, newPassword: string): string = - let hashedPassword = hashString(newPassword) + let hashedPassword = hashPassword(newPassword) try: let response = status_account.convertToRegularAccount(mnemonic, currentPassword, hashedPassword) var errMsg = "" @@ -733,7 +750,7 @@ QtObject: proc verifyPassword*(self: Service, password: string): bool = try: - let hashedPassword = hashString(password) + let hashedPassword = hashPassword(password) let response = status_account.verifyPassword(hashedPassword) return response.result.getBool except Exception as e: diff --git a/src/app_service/service/wallet_account/service.nim b/src/app_service/service/wallet_account/service.nim index 5701b7995c..0f37c90126 100644 --- a/src/app_service/service/wallet_account/service.nim +++ b/src/app_service/service/wallet_account/service.nim @@ -6,7 +6,7 @@ import ../settings/service as settings_service import ../accounts/service as accounts_service import ../token/service as token_service import ../network/service as network_service -import ../../common/[account_constants, string_utils] +import ../../common/[account_constants, utils] import ../../../app/global/global_singleton import dto, derived_address, key_pair_dto @@ -317,7 +317,7 @@ QtObject: derivedFrom) else: discard backend.generateAccountWithDerivedPath( - hashPassword(password), + utils.hashPassword(password), accountName, color, emoji, @@ -341,7 +341,7 @@ QtObject: else: discard backend.addAccountWithPrivateKey( privateKey, - hashPassword(password), + utils.hashPassword(password), accountName, color, emoji) @@ -365,7 +365,7 @@ QtObject: else: discard backend.addAccountWithMnemonicAndPath( mnemonic, - hashPassword(password), + utils.hashPassword(password), accountName, color, emoji, @@ -393,7 +393,7 @@ QtObject: try: var hashedPassword = "" if password.len > 0: - hashedPassword = hashString(password) + hashedPassword = utils.hashPassword(password) discard status_go_accounts.deleteAccount(address, hashedPassword) let accountDeleted = self.removeAccount(address) self.events.emit(SIGNAL_WALLET_ACCOUNT_DELETED, AccountDeleted(account: accountDeleted)) @@ -433,7 +433,7 @@ QtObject: proc getDerivedAddress*(self: Service, password: string, derivedFrom: string, path: string, hashPassword: bool)= let arg = GetDerivedAddressTaskArg( - password: if hashPassword: hashPassword(password) else: password, + password: if hashPassword: utils.hashPassword(password) else: password, derivedFrom: derivedFrom, path: path, tptr: cast[ByteAddress](getDerivedAddressTask), @@ -444,7 +444,7 @@ QtObject: proc getDerivedAddressList*(self: Service, password: string, derivedFrom: string, path: string, pageSize: int, pageNumber: int, hashPassword: bool)= let arg = GetDerivedAddressesTaskArg( - password: if hashPassword: hashPassword(password) else: password, + password: if hashPassword: utils.hashPassword(password) else: password, derivedFrom: derivedFrom, path: path, pageSize: pageSize, @@ -604,7 +604,7 @@ QtObject: # in some contexts we just need to add keypair to the db, so password is not needed. var hashedPassword = "" if password.len > 0: - hashedPassword = hashString(password) + hashedPassword = utils.hashPassword(password) let arg = AddMigratedKeyPairTaskArg( tptr: cast[ByteAddress](addMigratedKeyPairTask), vptr: cast[ByteAddress](self.vptr), diff --git a/src/backend/accounts.nim b/src/backend/accounts.nim index bb6be259bb..4d871b4cc2 100644 --- a/src/backend/accounts.nim +++ b/src/backend/accounts.nim @@ -1,5 +1,5 @@ import json, json_serialization, chronicles, strutils -import ./core, ./utils +import ./core, ../app_service/common/utils import ./response_type import status_go @@ -300,6 +300,16 @@ proc verifyAccountPassword*(address: string, password: string, keystoreDir: stri error "error doing rpc request", methodName = "verifyAccountPassword", exception=e.msg raise newException(RpcException, e.msg) +proc verifyDatabasePassword*(keyuid: string, hashedPassword: string): + RpcResponse[JsonNode] {.raises: [Exception].} = + try: + let response = status_go.verifyDatabasePassword(keyuid, hashedPassword) + result.result = Json.decode(response, JsonNode) + + except RpcException as e: + error "error doing rpc request", methodName = "verifyDatabasePassword", exception=e.msg + raise newException(RpcException, e.msg) + proc storeIdentityImage*(keyUID: string, imagePath: string, aX, aY, bX, bY: int): RpcResponse[JsonNode] {.raises: [Exception].} = let payload = %* [keyUID, imagePath, aX, aY, bX, bY] diff --git a/src/backend/browser.nim b/src/backend/browser.nim index 441b494362..ad64a711ea 100644 --- a/src/backend/browser.nim +++ b/src/backend/browser.nim @@ -1,5 +1,5 @@ import json -import core, utils +import core, ../app_service/common/utils import response_type import ./backend diff --git a/src/backend/chat.nim b/src/backend/chat.nim index cf89f73c68..4720a723b7 100644 --- a/src/backend/chat.nim +++ b/src/backend/chat.nim @@ -1,5 +1,5 @@ import json, sequtils, sugar, strutils -import core, utils +import core, ../app_service/common/utils import response_type import interpret/cropped_image diff --git a/src/backend/chatCommands.nim b/src/backend/chatCommands.nim index f84ab57b6d..56b3de2b25 100644 --- a/src/backend/chatCommands.nim +++ b/src/backend/chatCommands.nim @@ -1,5 +1,5 @@ import json -import core, utils +import core, ../app_service/common/utils import response_type proc acceptRequestAddressForTransaction*(messageId: string, address: string): RpcResponse[JsonNode] {.raises: [Exception].} = diff --git a/src/backend/communities.nim b/src/backend/communities.nim index 694f5352c0..aac27dac50 100644 --- a/src/backend/communities.nim +++ b/src/backend/communities.nim @@ -1,5 +1,5 @@ import json, strutils -import core, utils +import core, ../app_service/common/utils import response_type import interpret/cropped_image diff --git a/src/backend/community_tokens.nim b/src/backend/community_tokens.nim index d5af67a633..8ab37196a0 100644 --- a/src/backend/community_tokens.nim +++ b/src/backend/community_tokens.nim @@ -1,6 +1,6 @@ import json import ./eth -import ./utils +import ../app_service/common/utils import ./core, ./response_type proc deployCollectibles*(chainId: int, deploymentParams: JsonNode, txData: JsonNode, password: string): RpcResponse[JsonNode] {.raises: [Exception].} = diff --git a/src/backend/contacts.nim b/src/backend/contacts.nim index 9c69ebbf29..a3d0989c8d 100644 --- a/src/backend/contacts.nim +++ b/src/backend/contacts.nim @@ -1,5 +1,5 @@ import json, strmisc -import core, utils +import core, ../app_service/common/utils import response_type export response_type diff --git a/src/backend/ens.nim b/src/backend/ens.nim index 904973362e..81f7590ab2 100644 --- a/src/backend/ens.nim +++ b/src/backend/ens.nim @@ -1,6 +1,6 @@ import json import ./core, ./response_type -import ./utils +import ../app_service/common/utils export response_type proc getEnsUsernames*(): RpcResponse[JsonNode] {.raises: [Exception].} = diff --git a/src/backend/general.nim b/src/backend/general.nim index 310262d753..1a3e8f80cc 100644 --- a/src/backend/general.nim +++ b/src/backend/general.nim @@ -1,5 +1,5 @@ import json, strutils, json_serialization, chronicles -import core, utils +import core, ../app_service/common/utils import response_type import status_go diff --git a/src/backend/installations.nim b/src/backend/installations.nim index cc9bea61ea..4c68ed5b8d 100644 --- a/src/backend/installations.nim +++ b/src/backend/installations.nim @@ -1,5 +1,5 @@ import json -import core, utils +import core, ../app_service/common/utils import response_type export response_type diff --git a/src/backend/mailservers.nim b/src/backend/mailservers.nim index 7c2b02eb13..61241c0946 100644 --- a/src/backend/mailservers.nim +++ b/src/backend/mailservers.nim @@ -1,5 +1,5 @@ import json, chronicles -import core, utils +import core, ../app_service/common/utils import response_type export response_type diff --git a/src/backend/messages.nim b/src/backend/messages.nim index f6ca3a6d6a..9c09954ad9 100644 --- a/src/backend/messages.nim +++ b/src/backend/messages.nim @@ -1,5 +1,5 @@ import json -import core, utils +import core, ../app_service/common/utils import response_type export response_type diff --git a/src/backend/node.nim b/src/backend/node.nim index 4e019f8a95..f04f3e5779 100644 --- a/src/backend/node.nim +++ b/src/backend/node.nim @@ -1,5 +1,5 @@ import json -import core, utils +import core, ../app_service/common/utils import response_type export response_type diff --git a/src/backend/node_config.nim b/src/backend/node_config.nim index 7d9b2f188a..1c36103886 100644 --- a/src/backend/node_config.nim +++ b/src/backend/node_config.nim @@ -1,7 +1,7 @@ import json, json_serialization, chronicles import ./core import ./response_type -import utils +import ../app_service/common/utils import status_go diff --git a/src/backend/privacy.nim b/src/backend/privacy.nim index 7a196ee3c4..7f11c1dece 100644 --- a/src/backend/privacy.nim +++ b/src/backend/privacy.nim @@ -1,5 +1,5 @@ import json, json_serialization, chronicles -import core, utils +import core, ../app_service/common/utils import response_type import status_go @@ -20,6 +20,18 @@ proc changeDatabasePassword*(keyUID: string, password: string, newPassword: stri error "error", methodName = "changeDatabasePassword", exception=e.msg raise newException(RpcException, e.msg) +proc lowerDatabasePassword*(keyUID: string, password: string): RpcResponse[JsonNode] + {.raises: [Exception].} = + try: + let hashedPassword = hashPassword(password, lower=false) + let hashedNewPassword = hashPassword(password) + let response = status_go.changeDatabasePassword(keyUID, hashedPassword, hashedNewPassword) + result.result = Json.decode(response, JsonNode) + except RpcException as e: + error "error", methodName = "lowerDatabasePassword", exception=e.msg + raise newException(RpcException, e.msg) + + proc getLinkPreviewWhitelist*(): RpcResponse[JsonNode] {.raises: [Exception].} = let payload = %* [] result = callPrivateRPC("getLinkPreviewWhitelist".prefix, payload) \ No newline at end of file diff --git a/src/backend/provider.nim b/src/backend/provider.nim index 01fa90bf6e..a676e9ebc7 100644 --- a/src/backend/provider.nim +++ b/src/backend/provider.nim @@ -1,5 +1,5 @@ import json, json_serialization, chronicles -import ./utils +import ../app_service/common/utils import ./core logScope: diff --git a/src/backend/stickers.nim b/src/backend/stickers.nim index f24286ff46..4ce3b3ff3c 100644 --- a/src/backend/stickers.nim +++ b/src/backend/stickers.nim @@ -1,6 +1,6 @@ import json import ./eth -import ./utils +import ../app_service/common/utils import ./core, ./response_type import web3/[ethtypes, conversions] diff --git a/src/backend/utils.nim b/src/backend/utils.nim deleted file mode 100644 index a28bf87fc6..0000000000 --- a/src/backend/utils.nim +++ /dev/null @@ -1,12 +0,0 @@ -import nimcrypto - -proc isWakuEnabled(): bool = - true # TODO: - -proc prefix*(methodName: string, isExt:bool = true): string = - result = if isWakuEnabled(): "waku" else: "shh" - result = result & (if isExt: "ext_" else: "_") - result = result & methodName - -proc hashPassword*(password: string): string = - result = "0x" & $keccak_256.digest(password) diff --git a/vendor/nim-status-go b/vendor/nim-status-go index 8fed87fe27..4d2d359aec 160000 --- a/vendor/nim-status-go +++ b/vendor/nim-status-go @@ -1 +1 @@ -Subproject commit 8fed87fe272c4b49008cd7cc5950a96cd0751966 +Subproject commit 4d2d359aec6a9db5fb684c97ebd52b82065d60f3 diff --git a/vendor/status-go b/vendor/status-go index 1d1a95091d..c786528965 160000 --- a/vendor/status-go +++ b/vendor/status-go @@ -1 +1 @@ -Subproject commit 1d1a95091df0197199ea502aae24c823faf9b989 +Subproject commit c786528965e4537dcf1fd7deea773bd9f3d99bbd