feat: Ability to login directly with hashed password (#10811)

This commit is contained in:
Igor Sirotin 2023-05-31 16:06:23 +03:00 committed by GitHub
parent 5678d86a54
commit 92bd3e4999
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 22 additions and 32 deletions

View File

@ -12,7 +12,7 @@ import ../../../app_service/service/keychain/service as keychain_service
import ../../../app_service/service/profile/service as profile_service import ../../../app_service/service/profile/service as profile_service
import ../../../app_service/service/keycard/service as keycard_service import ../../../app_service/service/keycard/service as keycard_service
import ../../../app_service/service/devices/service as devices_service import ../../../app_service/service/devices/service as devices_service
import ../../../app_service/common/account_constants import ../../../app_service/common/[account_constants, utils]
import ../shared_modules/keycard_popup/io_interface as keycard_shared_module import ../shared_modules/keycard_popup/io_interface as keycard_shared_module
@ -445,7 +445,7 @@ proc isSelectedAccountAKeycardAccount*(self: Controller): bool =
proc login*(self: Controller) = proc login*(self: Controller) =
self.delegate.moveToLoadingAppState() self.delegate.moveToLoadingAppState()
let selectedAccount = self.getSelectedLoginAccount() let selectedAccount = self.getSelectedLoginAccount()
self.accountsService.login(selectedAccount, self.tmpPassword) self.accountsService.login(selectedAccount, hashPassword(self.tmpPassword))
proc loginAccountKeycard*(self: Controller, storeToKeychainValue: string, syncWalletAfterLogin = false) = proc loginAccountKeycard*(self: Controller, storeToKeychainValue: string, syncWalletAfterLogin = false) =
if syncWalletAfterLogin: if syncWalletAfterLogin:

View File

@ -18,6 +18,9 @@ proc hashPassword*(password: string, lower: bool = true): string =
return hashed return hashed
proc hashedPasswordToUpperCase*(hashedPassword: string): string =
return "0x" & hashedPassword[2 .. ^1].toUpperAscii()
proc prefix*(methodName: string, isExt:bool = true): string = proc prefix*(methodName: string, isExt:bool = true): string =
result = "waku" result = "waku"
result = result & (if isExt: "ext_" else: "_") result = result & (if isExt: "ext_" else: "_")

View File

@ -66,7 +66,6 @@ QtObject:
keyStoreDir: string keyStoreDir: string
defaultWalletEmoji: string defaultWalletEmoji: string
tmpAccount: AccountDto tmpAccount: AccountDto
tmpPassword: string
tmpHashedPassword: string tmpHashedPassword: string
tmpThumbnailImage: string tmpThumbnailImage: string
tmpLargeImage: string tmpLargeImage: string
@ -618,9 +617,8 @@ QtObject:
self.loggedInAccount = account self.loggedInAccount = account
self.setLocalAccountSettingsFile() self.setLocalAccountSettingsFile()
proc login*(self: Service, account: AccountDto, password: string) = proc login*(self: Service, account: AccountDto, hashedPassword: string) =
try: try:
let hashedPassword = hashPassword(password)
var thumbnailImage: string var thumbnailImage: string
var largeImage: string var largeImage: string
for img in account.images: for img in account.images:
@ -634,7 +632,7 @@ QtObject:
os.createDir(keyStoreDir) os.createDir(keyStoreDir)
status_core.migrateKeyStoreDir($ %* { status_core.migrateKeyStoreDir($ %* {
"key-uid": account.keyUid "key-uid": account.keyUid
}, password, main_constants.ROOTKEYSTOREDIR, keyStoreDir) }, hashedPassword, main_constants.ROOTKEYSTOREDIR, keyStoreDir)
self.setKeyStoreDir(account.keyUid) self.setKeyStoreDir(account.keyUid)
# This is moved from `status-lib` here # This is moved from `status-lib` here
@ -692,14 +690,13 @@ QtObject:
"DiscV5BootstrapNodes": @[] "DiscV5BootstrapNodes": @[]
} }
let isOldHashPassword = self.verifyDatabasePassword(account.keyUid, hashPassword(password, lower=false)) let isOldHashPassword = self.verifyDatabasePassword(account.keyUid, hashedPasswordToUpperCase(hashedPassword))
if isOldHashPassword: if isOldHashPassword:
# Start loading screen with warning # Start loading screen with warning
self.events.emit(SIGNAL_REENCRYPTION_PROCESS_STARTED, Args()) self.events.emit(SIGNAL_REENCRYPTION_PROCESS_STARTED, Args())
# Save tmp properties so that we can login after the timer # Save tmp properties so that we can login after the timer
self.tmpAccount = account self.tmpAccount = account
self.tmpPassword = password
self.tmpHashedPassword = hashedPassword self.tmpHashedPassword = hashedPassword
self.tmpThumbnailImage = thumbnailImage self.tmpThumbnailImage = thumbnailImage
self.tmpLargeImage = largeImage self.tmpLargeImage = largeImage
@ -722,9 +719,8 @@ QtObject:
proc onWaitForReencryptionTimeout(self: Service, response: string) {.slot.} = proc onWaitForReencryptionTimeout(self: Service, response: string) {.slot.} =
# Reencryption (can freeze and take up to 30 minutes) # Reencryption (can freeze and take up to 30 minutes)
let pwd = self.tmpPassword let oldHashedPassword = hashedPasswordToUpperCase(self.tmpHashedPassword)
self.tmpPassword = "" # Clear the password from memory as fast as possible discard status_privacy.changeDatabaseHashedPassword(self.tmpAccount.keyUid, oldHashedPassword, self.tmpHashedPassword)
discard status_privacy.lowerDatabasePassword(self.tmpAccount.keyUid, pwd)
# Normal login after reencryption # Normal login after reencryption
self.doLogin(self.tmpAccount, self.tmpHashedPassword, self.tmpThumbnailImage, self.tmpLargeImage, self.tmpNodeCfg) self.doLogin(self.tmpAccount, self.tmpHashedPassword, self.tmpThumbnailImage, self.tmpLargeImage, self.tmpNodeCfg)

View File

@ -78,11 +78,10 @@ proc sendTransaction*(chainId: int, inputJSON: string, password: string): RpcRes
raise newException(RpcException, e.msg) raise newException(RpcException, e.msg)
proc migrateKeyStoreDir*(account: string, password: string, oldKeystoreDir: string, multiaccountKeystoreDir: string) proc migrateKeyStoreDir*(account: string, hashedPassword: string, oldKeystoreDir: string, multiaccountKeystoreDir: string)
{.raises: [RpcException, ValueError, Defect, SerializationError].} = {.raises: [RpcException, ValueError, Defect, SerializationError].} =
try: try:
var hashed_password = "0x" & $keccak_256.digest(password) discard status_go.migrateKeyStoreDir(account, hashedPassword, oldKeystoreDir, multiaccountKeystoreDir)
discard status_go.migrateKeyStoreDir(account, hashed_password, oldKeystoreDir, multiaccountKeystoreDir)
except Exception as e: except Exception as e:
error "error migrating keystore dir", account, exception=e.msg error "error migrating keystore dir", account, exception=e.msg
raise newException(RpcException, e.msg) raise newException(RpcException, e.msg)

View File

@ -9,28 +9,20 @@ export response_type
logScope: logScope:
topics = "rpc-privacy" topics = "rpc-privacy"
proc changeDatabasePassword*(keyUID: string, password: string, newPassword: string): RpcResponse[JsonNode] proc changeDatabaseHashedPassword*(keyUID: string, oldHashedPassword: string, newHashedPassword: string): RpcResponse[JsonNode]
{.raises: [Exception].} = {.raises: [Exception].} =
try: try:
let hashedPassword = hashPassword(password) let response = status_go.changeDatabasePassword(keyUID, oldHashedPassword, newHashedPassword)
let hashedNewPassword = hashPassword(newPassword)
let response = status_go.changeDatabasePassword(keyUID, hashedPassword, hashedNewPassword)
result.result = Json.decode(response, JsonNode) result.result = Json.decode(response, JsonNode)
except RpcException as e: except RpcException as e:
error "error", methodName = "changeDatabasePassword", exception=e.msg error "error", methodName = "changeDatabasePassword", exception=e.msg
raise newException(RpcException, e.msg) raise newException(RpcException, e.msg)
proc lowerDatabasePassword*(keyUID: string, password: string): RpcResponse[JsonNode] proc changeDatabasePassword*(keyUID: string, password: string, newPassword: string): RpcResponse[JsonNode]
{.raises: [Exception].} = {.raises: [Exception].} =
try: let hashedPassword = hashPassword(password)
let hashedPassword = hashPassword(password, lower=false) let hashedNewPassword = hashPassword(newPassword)
let hashedNewPassword = hashPassword(password) return changeDatabaseHashedPassword(keyUID, hashedPassword, hashedNewPassword)
let response = status_go.changeDatabasePassword(keyUID, hashedPassword, hashedNewPassword)
result.result = Json.decode(response, JsonNode)
except RpcException as e:
error "error", methodName = "lowerDatabasePassword", exception=e.msg
raise newException(RpcException, e.msg)
proc getLinkPreviewWhitelist*(): RpcResponse[JsonNode] {.raises: [Exception].} = proc getLinkPreviewWhitelist*(): RpcResponse[JsonNode] {.raises: [Exception].} =
let payload = %* [] let payload = %* []