From 46f32881b9bc1034e2e88305e084e813861934bf Mon Sep 17 00:00:00 2001 From: Sarah Jamie Lewis Date: Fri, 17 Dec 2021 13:58:54 -0800 Subject: [PATCH] Port Change Password to new Storage Engine --- app/app.go | 5 ---- peer/cwtch_peer.go | 30 ++++++++++++++++++- peer/cwtchprofilestorage.go | 6 ++++ peer/profile_interface.go | 1 + testing/cwtch_peer_server_integration_test.go | 12 +++++++- 5 files changed, 47 insertions(+), 7 deletions(-) diff --git a/app/app.go b/app/app.go index 6c68e71..fe05c6b 100644 --- a/app/app.go +++ b/app/app.go @@ -36,7 +36,6 @@ type Application interface { CreateTaggedPeer(name string, password string, tag string) DeletePeer(onion string, currentPassword string) AddPeerPlugin(onion string, pluginID plugins.PluginID) - ChangePeerPassword(onion, oldpass, newpass string) LaunchPeers() GetPrimaryBus() event.Manager @@ -122,10 +121,6 @@ func (app *application) DeletePeer(onion string, password string) { app.appBus.Publish(event.NewEventList(event.AppError, event.Error, event.PasswordMatchError, event.Identity, onion)) } -func (app *application) ChangePeerPassword(onion, oldpass, newpass string) { - app.eventBuses[onion].Publish(event.NewEventList(event.ChangePassword, event.Password, oldpass, event.NewPassword, newpass)) -} - func (app *application) AddPeerPlugin(onion string, pluginID plugins.PluginID) { app.AddPlugin(onion, pluginID, app.eventBuses[onion], app.acn) } diff --git a/peer/cwtch_peer.go b/peer/cwtch_peer.go index f394fc5..5d1e57d 100644 --- a/peer/cwtch_peer.go +++ b/peer/cwtch_peer.go @@ -13,6 +13,8 @@ import ( "git.openprivacy.ca/openprivacy/connectivity" "git.openprivacy.ca/openprivacy/connectivity/tor" "golang.org/x/crypto/ed25519" + "io/ioutil" + path "path/filepath" "runtime" "strconv" "strings" 
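Review bot: The alias in `path "path/filepath"` gives filepath the name of a different standard-library package, `path`, which handles slash-separated paths only, so a reader who meets `path.Join` later in the file will assume the wrong one. Importing it unaliased and calling `filepath.Join` avoids that. `io/ioutil` has been deprecated since Go 1.16; if the module's Go version allows it, `os.ReadFile` is the direct replacement for `ioutil.ReadFile`. The import block starts and ends outside this hunk.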
@@ -80,6 +82,33 @@ func (cp *cwtchPeer) CheckPassword(password string) bool { return true } +func (cp *cwtchPeer) ChangePassword(password string, newpassword string, newpasswordAgain string) error { + cp.mutex.Lock() + defer cp.mutex.Unlock() + db, err := openEncryptedDatabase(cp.storage.ProfileDirectory, password, false) + if db == nil || err != nil { + return errors.New("invalid_password") + } + cps, err := NewCwtchProfileStorage(db, cp.storage.ProfileDirectory) + if err != nil { + return errors.New("invalid_password") + } + cps.Close() + + salt, err := ioutil.ReadFile(path.Join(cp.storage.ProfileDirectory, saltFile)) + if err != nil { + return err + } + + // probably redundant but we like api safety + if newpassword == newpasswordAgain { + rekey := createKey(newpassword, salt) + log.Infof("rekeying database...") + return cp.storage.Rekey(rekey) + } + return errors.New("passwords_do_not_match") +} + // GenerateProtocolEngine // Status: New in 1.5 func (cp *cwtchPeer) GenerateProtocolEngine(acn connectivity.ACN, bus event.Manager) (connections.Engine, error) { @@ -1147,7 +1176,6 @@ func (cp *cwtchPeer) eventHandler() { cp.mutex.Lock() cp.state[ev.Data[event.GroupServer]] = connections.ConnectionStateToType()[ev.Data[event.ConnectionState]] cp.mutex.Unlock() - default: if ev.EventType != "" { log.Errorf("peer event handler received an event it was not subscribed for: %v", ev.EventType) diff --git a/peer/cwtchprofilestorage.go b/peer/cwtchprofilestorage.go index 0a6e8ac..8d12571 100644 --- a/peer/cwtchprofilestorage.go +++ b/peer/cwtchprofilestorage.go @@ -762,3 +762,9 @@ func (cps *CwtchProfileStorage) Delete() { log.Errorf("error deleting profile directory", err) } } + +func (cps *CwtchProfileStorage) Rekey(newkey [32]byte) error { + // PRAGMA queries don't allow subs... + _, err := cps.db.Exec(fmt.Sprintf(`PRAGMA rekey="x'%x'";`, newkey)) + return err +} diff --git a/peer/profile_interface.go b/peer/profile_interface.go index e6a34d1..90a0b83 100644 
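Review bot: In ChangePassword the handle returned by openEncryptedDatabase is not closed when NewCwtchProfileStorage fails, so that error path appears to leak an open connection to the encrypted profile database unless the constructor closes it itself (not visible here). Assuming `db` is a `*sql.DB`, a `db.Close()` before the second `return errors.New("invalid_password")` would cover it. The `newpassword == newpasswordAgain` comparison could also move to the top of the function, so a mismatch is rejected before the database is opened and the salt file is read. Both verification failures are collapsed into `invalid_password`, which hides I/O or corruption errors from the caller; logging the underlying `err` at debug level would help diagnosis. The new key is derived with the existing salt; if rotating the salt on a password change is intended, it is not done here.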
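Review bot: Rekey is exported without a doc comment, and the existing comment does not say why building the PRAGMA with fmt.Sprintf is safe. It is safe only because `newkey` is a `[32]byte` that `%x` renders as 64 hex characters, and I would state that, e.g. `// Rekey re-encrypts the database under newkey. PRAGMA takes no bound parameters, so the key is formatted inline; keep newkey a fixed-size byte array.` The statement text contains the raw key, so it is worth confirming that no query logging or tracing in the database driver records it.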
--- a/peer/profile_interface.go +++ b/peer/profile_interface.go @@ -114,5 +114,6 @@ type CwtchPeer interface { ShareFile(fileKey string, serializedManifest string) CheckPassword(password string) bool + ChangePassword(oldpassword string, newpassword string, newpasswordAgain string) error Delete() } diff --git a/testing/cwtch_peer_server_integration_test.go b/testing/cwtch_peer_server_integration_test.go index 5b41bd0..a00ec0b 100644 --- a/testing/cwtch_peer_server_integration_test.go +++ b/testing/cwtch_peer_server_integration_test.go @@ -164,6 +164,17 @@ func TestCwtchPeerIntegration(t *testing.T) { alice.PeerWithOnion(bob.GetOnion()) alice.PeerWithOnion(carol.GetOnion()) + // Test that we can rekey alice without issues... + err = alice.ChangePassword("asdfasdf", "password 1 2 3", "password 1 2 3") + + if err != nil { + t.Fatalf("error changing password for Alice: %v", err) + } + + if !alice.CheckPassword("password 1 2 3") { + t.Fatalf("Alice password did not change...") + } + waitForConnection(t, alice, bob.GetOnion(), connections.AUTHENTICATED) waitForConnection(t, alice, carol.GetOnion(), connections.AUTHENTICATED) waitForConnection(t, bob, alice.GetOnion(), connections.AUTHENTICATED) @@ -342,7 +353,6 @@ func TestCwtchPeerIntegration(t *testing.T) { if numGoRoutinesStart != numGoRoutinesPostAppShutdown { t.Errorf("Number of GoRoutines at start (%v) does not match number of goRoutines after cleanup of peers and servers (%v), clean up failed, v detected!", numGoRoutinesStart, numGoRoutinesPostAppShutdown) } - } // Utility function for sending a message from a peer to a group
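Review bot: The new interface method ChangePassword has no doc comment, and its first parameter is named `oldpassword` here but `password` in the cwtchPeer implementation. Callers have to match on the returned error strings, so the comment should list them, e.g. `// ChangePassword rekeys the profile store; returns "invalid_password" or "passwords_do_not_match" on failure.` Using the same parameter name in both places would also make it clearer which argument is the current password.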
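Review bot: The added test only asserts the success path: after ChangePassword it checks that the new password is accepted, but not that the old one is rejected. Adding `if alice.CheckPassword("asdfasdf") { t.Fatalf("old password still accepted after rekey") }` would catch a rekey that silently leaves the old key valid. Calls with a wrong current password and with mismatched new passwords, expecting `invalid_password` and `passwords_do_not_match`, would cover the error returns as well. TestCwtchPeerIntegration starts and ends outside the hunk.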