From c3e66c95814b9ed08fbf273fdd4273c9381e5817 Mon Sep 17 00:00:00 2001
From: Zach Fox <fox@highfidelity.io>
Date: Wed, 11 Oct 2017 16:38:48 -0700
Subject: [PATCH] Fixes

---
 interface/src/commerce/Wallet.cpp     | 36 ++++++++++++++------------
 libraries/entities/src/EntityTree.cpp | 37 ++++++++++++++-------------
 libraries/entities/src/EntityTree.h   |  2 +-
 3 files changed, 40 insertions(+), 35 deletions(-)

diff --git a/interface/src/commerce/Wallet.cpp b/interface/src/commerce/Wallet.cpp
index 702a94625a..16800c6ad3 100644
--- a/interface/src/commerce/Wallet.cpp
+++ b/interface/src/commerce/Wallet.cpp
@@ -730,28 +730,32 @@ void Wallet::handleChallengeOwnershipPacket(QSharedPointer<ReceivedMessage> pack
 
     RSA* rsa = readKeys(keyFilePath().toStdString().c_str());
 
-    const int decryptionStatus = RSA_private_decrypt(textLength, text, reinterpret_cast<unsigned char*>(encryptedText.data()), rsa, RSA_PKCS1_OAEP_PADDING);
-    RSA_free(rsa);
+    if (rsa) {
+        const int decryptionStatus = RSA_private_decrypt(textLength, text, reinterpret_cast<unsigned char*>(encryptedText.data()), rsa, RSA_PKCS1_OAEP_PADDING);
+        RSA_free(rsa);
 
-    if (decryptionStatus != -1) {
-        auto nodeList = DependencyManager::get<NodeList>();
+        if (decryptionStatus != -1) {
+            auto nodeList = DependencyManager::get<NodeList>();
 
-        QByteArray decryptedTextByteArray = decryptedText.toUtf8();
-        int decryptedTextByteArraySize = decryptedTextByteArray.size();
-        int certIDSize = certID.size();
-        // setup the packet
-        auto decryptedTextPacket = NLPacket::create(PacketType::ChallengeOwnership, certIDSize + decryptedTextByteArraySize + 2*sizeof(int), true);
+            QByteArray decryptedTextByteArray = decryptedText.toUtf8();
+            int decryptedTextByteArraySize = decryptedTextByteArray.size();
+            int certIDSize = certID.size();
+            // setup the packet
+            auto decryptedTextPacket = NLPacket::create(PacketType::ChallengeOwnership, certIDSize + decryptedTextByteArraySize + 2 * sizeof(int), true);
 
-        decryptedTextPacket->writePrimitive(certIDSize);
-        decryptedTextPacket->writePrimitive(decryptedTextByteArraySize);
-        decryptedTextPacket->write(certID);
-        decryptedTextPacket->write(decryptedTextByteArray);
+            decryptedTextPacket->writePrimitive(certIDSize);
+            decryptedTextPacket->writePrimitive(decryptedTextByteArraySize);
+            decryptedTextPacket->write(certID);
+            decryptedTextPacket->write(decryptedTextByteArray);
 
-        qCDebug(commerce) << "Sending ChallengeOwnership Packet containing decrypted text";
+            qCDebug(commerce) << "Sending ChallengeOwnership Packet containing decrypted text";
 
-        nodeList->sendPacket(std::move(decryptedTextPacket), *sendingNode);
+            nodeList->sendPacket(std::move(decryptedTextPacket), *sendingNode);
+        } else {
+            qCDebug(commerce) << "During entity ownership challenge, decrypting the encrypted text failed.";
+        }
     } else {
-        qCDebug(commerce) << "During entity ownership challenge, decrypting the encrypted text failed.";
+        qCDebug(commerce) << "During entity ownership challenge, creating the RSA object failed.";
     }
 }
 
diff --git a/libraries/entities/src/EntityTree.cpp b/libraries/entities/src/EntityTree.cpp
index 48c148906e..7995a7894e 100644
--- a/libraries/entities/src/EntityTree.cpp
+++ b/libraries/entities/src/EntityTree.cpp
@@ -1159,28 +1159,32 @@ void EntityTree::startPendingTransferStatusTimer(const QString& certID, const En
     transferStatusRetryTimer->start(90000);
 }
 
-QString EntityTree::computeEncryptedNonce(const QString& certID, const QString& ownerKey) {
+QString EntityTree::computeEncryptedNonce(const QString& certID, const QString ownerKey) {
     QUuid nonce = QUuid::createUuid();
     const auto text = reinterpret_cast<const unsigned char*>(qPrintable(nonce.toString()));
     const unsigned int textLength = nonce.toString().length();
 
-    const auto publicKey = reinterpret_cast<const unsigned char*>(ownerKey.toUtf8().toBase64().constData());
-    BIO* bio = BIO_new_mem_buf((void*)publicKey, sizeof(publicKey));
+    BIO* bio = BIO_new_mem_buf((void*)ownerKey.toUtf8().constData(), -1);
+    BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); // NO NEWLINE
     RSA* rsa = PEM_read_bio_RSAPublicKey(bio, NULL, NULL, NULL);
 
-    QByteArray encryptedText(RSA_size(rsa), 0);
-    const int encryptStatus = RSA_public_encrypt(textLength, text, reinterpret_cast<unsigned char*>(encryptedText.data()), rsa, RSA_PKCS1_OAEP_PADDING);
-    BIO_free(bio);
-    RSA_free(rsa);
-    if (encryptStatus == -1) {
-        qCWarning(entities) << "Unable to compute encrypted nonce for" << certID;
-        return "";
-    }
+    //if (rsa) {
+        QByteArray encryptedText(RSA_size(rsa), 0);
+        const int encryptStatus = RSA_public_encrypt(textLength, text, reinterpret_cast<unsigned char*>(encryptedText.data()), rsa, RSA_PKCS1_OAEP_PADDING);
+        BIO_free(bio);
+        RSA_free(rsa);
+        if (encryptStatus == -1) {
+            qCWarning(entities) << "Unable to compute encrypted nonce for" << certID;
+            return "";
+        }
 
-    QWriteLocker locker(&_certNonceMapLock);
-    _certNonceMap.insert(certID, nonce);
+        QWriteLocker locker(&_certNonceMapLock);
+        _certNonceMap.insert(certID, nonce);
 
-    return encryptedText.toBase64();
+        return encryptedText.toBase64();
+    //} else {
+    //    return "";
+    //}
 }
 
 bool EntityTree::verifyDecryptedNonce(const QString& certID, const QString& decryptedNonce) {
@@ -1246,8 +1250,7 @@ void EntityTree::validatePop(const QString& certID, const EntityItemID& entityIt
             } else {
                 // Second, challenge ownership of the PoP cert
                 // 1. Encrypt a nonce with the owner's public key
-                QString ownerKey(jsonObject["transfer_recipient_key"].toString());
-                QString encryptedText = computeEncryptedNonce(certID, ownerKey);
+                QString encryptedText = computeEncryptedNonce(certID, jsonObject["transfer_recipient_key"].toString());
 
                 if (encryptedText == "") {
                     qCDebug(entities) << "CRITICAL ERROR: Couldn't compute encrypted nonce. Deleting entity...";
@@ -1260,8 +1263,6 @@ void EntityTree::validatePop(const QString& certID, const EntityItemID& entityIt
                     int certIDByteArraySize = certIDByteArray.size();
                     QByteArray encryptedTextByteArray = encryptedText.toUtf8();
                     int encryptedTextByteArraySize = encryptedTextByteArray.size();
-                    QByteArray ownerKeyByteArray = ownerKey.toUtf8();
-                    int ownerKeyByteArraySize = ownerKeyByteArray.size();
                     auto challengeOwnershipPacket = NLPacket::create(PacketType::ChallengeOwnership,
                         certIDByteArraySize + encryptedTextByteArraySize + 2 * sizeof(int),
                         true);
diff --git a/libraries/entities/src/EntityTree.h b/libraries/entities/src/EntityTree.h
index fc6a913ffe..cffe0f6bb1 100644
--- a/libraries/entities/src/EntityTree.h
+++ b/libraries/entities/src/EntityTree.h
@@ -385,7 +385,7 @@ protected:
     Q_INVOKABLE void startPendingTransferStatusTimer(const QString& certID, const EntityItemID& entityItemID, const SharedNodePointer& senderNode);
 
 private:
-    QString computeEncryptedNonce(const QString& certID, const QString& ownerKey);
+    QString computeEncryptedNonce(const QString& certID, const QString ownerKey);
     bool verifyDecryptedNonce(const QString& certID, const QString& decryptedNonce);
     void validatePop(const QString& certID, const EntityItemID& entityItemID, const SharedNodePointer& senderNode, bool isRetryingValidation);
 };