diff --git a/assignment-client/src/entities/EntityServer.cpp b/assignment-client/src/entities/EntityServer.cpp
index 1351220714..129c3600c7 100644
--- a/assignment-client/src/entities/EntityServer.cpp
+++ b/assignment-client/src/entities/EntityServer.cpp
@@ -492,7 +492,7 @@ void EntityServer::startDynamicDomainVerification() {
 qCDebug(entities) << "Entity passed dynamic domain verification:" << i.value();
 }
 } else {
- qCDebug(entities) << "Call to proof_of_purchase_status endpoint failed; deleting entity" << i.value();
+ qCDebug(entities) << "Call to" << networkReply->url() << "failed with error" << networkReply->error() << "; deleting entity" << i.value();
 tree->deleteEntity(i.value(), true);
 }
diff --git a/libraries/entities/src/EntityItem.cpp b/libraries/entities/src/EntityItem.cpp
index 15ef5295e0..2239ee03b6 100644
--- a/libraries/entities/src/EntityItem.cpp
+++ b/libraries/entities/src/EntityItem.cpp
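Review bot: The failure branch in EntityServer::startDynamicDomainVerification deletes the entity but reports it only through `qCDebug(entities)`, so if debug output for this category is disabled the deletion leaves no record of which request failed or why. Since this path removes content because a verification call did not complete, `qCWarning(entities) << "Call to" << networkReply->url() << ...` would be the more fitting level. The same applies to the matching line in EntityTree::validatePop in EntityTree.cpp. Both functions start and end outside their hunks.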
@@ -1626,20 +1626,39 @@ bool EntityItem::verifyStaticCertificateProperties() {
 return false;
 }
- const auto signatureBytes = QByteArray::fromBase64(getCertificateID().toLatin1());
- const auto signature = reinterpret_cast(signatureBytes.constData());
- const unsigned int signatureLength = signatureBytes.length();
+ const QByteArray marketplacePublicKeyByteArray = EntityItem::_marketplacePublicKey.toUtf8();
+ const unsigned char* marketplacePublicKey = reinterpret_cast(marketplacePublicKeyByteArray.constData());
+ int marketplacePublicKeyLength = marketplacePublicKeyByteArray.length();
- const auto hash = getStaticCertificateHash();
- const auto text = reinterpret_cast(hash.constData());
- const unsigned int textLength = hash.length();
-
- BIO *bio = BIO_new_mem_buf((void*)EntityItem::_marketplacePublicKey.toUtf8().constData(), -1);
+ BIO *bio = BIO_new_mem_buf((void*)marketplacePublicKey, marketplacePublicKeyLength);
 EVP_PKEY* evp_key = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
 if (evp_key) {
 RSA* rsa = EVP_PKEY_get1_RSA(evp_key);
 if (rsa) {
- bool answer = RSA_verify(NID_sha256, text, textLength, signature, signatureLength, rsa);
+ const QByteArray digestByteArray = getStaticCertificateHash();
+ const unsigned char* digest = reinterpret_cast(digestByteArray.constData());
+ int digestLength = digestByteArray.length();
+
+ const QByteArray signatureByteArray = QByteArray::fromBase64(getCertificateID().toUtf8());
+ const unsigned char* signature = reinterpret_cast(signatureByteArray.constData());
+ int signatureLength = signatureByteArray.length();
+
+ ERR_clear_error();
+ bool answer = RSA_verify(NID_sha256,
+ digest,
+ digestLength,
+ signature,
+ signatureLength,
+ rsa);
+ long error = ERR_get_error();
+ if (error != 0) {
+ const char* error_str = ERR_error_string(error, NULL);
+ qCWarning(entities) << "ERROR while verifying static certificate properties! 
RSA error:" << error_str
+ << "\nStatic Cert JSON:" << getStaticCertificateJSON()
+ << "\nKey:" << EntityItem::_marketplacePublicKey << "\nKey Length:" << marketplacePublicKeyLength
+ << "\nDigest:" << digest << "\nDigest Length:" << digestLength
+ << "\nSignature:" << signature << "\nSignature Length:" << signatureLength;
+ }
 RSA_free(rsa);
 if (bio) {
 BIO_free(bio);
diff --git a/libraries/entities/src/EntityTree.cpp b/libraries/entities/src/EntityTree.cpp
index bca921fe0f..463eae7fd0 100644
--- a/libraries/entities/src/EntityTree.cpp
+++ b/libraries/entities/src/EntityTree.cpp
@@ -1307,7 +1307,7 @@ void EntityTree::validatePop(const QString& certID, const EntityItemID& entityIt
 }
 }
 } else {
- qCDebug(entities) << "Call to proof_of_purchase_status endpoint failed; deleting entity" << entityItemID;
+ qCDebug(entities) << "Call to" << networkReply->url() << "failed with error" << networkReply->error() << "; deleting entity" << entityItemID;
 deleteEntity(entityItemID, true);
 }
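Review bot: In EntityItem::verifyStaticCertificateProperties the new warning streams `digest` and `signature`, which are `const unsigned char*` pointers into binary buffers, so the log will most likely show pointer values (via QDebug's `const void*` overload) rather than the bytes that failed to verify. Stream the byte arrays in a printable encoding instead, e.g. `<< "\nDigest:" << digestByteArray.toHex()` and `<< "\nSignature:" << signatureByteArray.toBase64()`. `ERR_get_error()` returns `unsigned long`, so `long error` should be `unsigned long error`, and gating the warning on `!answer` would tie it to the verification result instead of to whatever is in the error queue. `ERR_error_string(error, NULL)` writes into a static buffer; if this function can run on more than one thread, `ERR_error_string_n` with a local buffer avoids that shared state. The function body starts and ends outside the hunk.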