From 13629f6870fe60b0f094c316b0b2f04e200602bc Mon Sep 17 00:00:00 2001
From: Howard Stearns <howard@highfidelity.io>
Date: Wed, 15 Aug 2018 11:23:50 -0700
Subject: [PATCH] bypass setup and password, and convert old wallets to account
 based before lockering

---
 .../qml/hifi/commerce/wallet/Help.qml         | 11 +++++----
 .../qml/hifi/commerce/wallet/Wallet.qml       | 24 ++++++++++++++++---
 interface/src/commerce/Ledger.cpp             |  1 +
 interface/src/commerce/Wallet.cpp             | 24 +++++++++++++++----
 4 files changed, 48 insertions(+), 12 deletions(-)

diff --git a/interface/resources/qml/hifi/commerce/wallet/Help.qml b/interface/resources/qml/hifi/commerce/wallet/Help.qml
index b453509712..e38f23e5a5 100644
--- a/interface/resources/qml/hifi/commerce/wallet/Help.qml
+++ b/interface/resources/qml/hifi/commerce/wallet/Help.qml
@@ -114,11 +114,9 @@ In your Wallet's Send Money tab, choose from your list of connections, or choose
         ListElement {
             isExpanded: false;
             question: "What is a Security Pic?"
-            answer: "Your Security Pic is an encrypted image that you select during Wallet Setup. \
-It acts as an extra layer of Wallet security. \
-When you see your Security Pic, you know that your actions and data are securely making use of your private keys.\
-<br><br>Don't enter your passphrase anywhere that doesn't display your Security Pic! \
-If you don't see your Security Pic on a page that requests your Wallet passphrase, someone untrustworthy may be trying to access your Wallet.";
+            answer: "Your Security Pic acts as an extra layer of Wallet security. \
+When you see your Security Pic, you know that your actions and data are securely making use of your account. \
+<b><font color='#0093C5'><a href='#securitypic'>Tap here to change your Security Pic.</a></font></b>";
         }
         ListElement {
             isExpanded: false;
@@ -260,6 +258,9 @@ At the moment, there is currently no way to convert HFC to other currencies. Sta
                             }
                         } else if (link === "#support") {
                             Qt.openUrlExternally("mailto:support@highfidelity.com");
+                        } else if (link === "#securitypic") {
+                            console.log("HRS FIXME here");
+                            sendSignalToWallet({method: 'walletSecurity_changeSecurityImage'});
                         }
                     }
                 }
diff --git a/interface/resources/qml/hifi/commerce/wallet/Wallet.qml b/interface/resources/qml/hifi/commerce/wallet/Wallet.qml
index 603d7fb676..f48553a4d0 100644
--- a/interface/resources/qml/hifi/commerce/wallet/Wallet.qml
+++ b/interface/resources/qml/hifi/commerce/wallet/Wallet.qml
@@ -257,9 +257,9 @@ Rectangle {
         Connections {
             onSendSignalToWallet: {
                 if (msg.method === 'walletSecurity_changeSecurityImageCancelled') {
-                    root.activeView = "security";
+                    root.activeView = "walletHome"; // was "security";
                 } else if (msg.method === 'walletSecurity_changeSecurityImageSuccess') {
-                    root.activeView = "security";
+                    root.activeView = "walletHome"; // was "security";
                 } else {
                     sendToScript(msg);
                 }
@@ -399,6 +399,9 @@ Rectangle {
             onSendSignalToWallet: {
                 if (msg.method === 'walletReset' || msg.method === 'passphraseReset') {
                     sendToScript(msg);
+                } else if (msg.method === 'walletSecurity_changeSecurityImage') {
+                    securityImageChange.initModel();
+                    root.activeView = "securityImageChange";
                 }
             }
         }
@@ -607,7 +610,7 @@ Rectangle {
             }
 
             RalewaySemiBold {
-                text: "SECURITY";
+                text: "PURCHASES"; // was "SECURITY";
                 // Text size
                 size: 16;
                 // Anchors
@@ -629,8 +632,11 @@ Rectangle {
                 anchors.fill: parent;
                 hoverEnabled: enabled;
                 onClicked: {
+                    sendToScript({method: 'goToPurchases_fromWalletHome'});
+                    /* was
                     root.activeView = "security";
                     tabButtonsContainer.resetTabButtonColors();
+                    */
                 }
                 onEntered: parent.color = hifi.colors.blueHighlight;
                 onExited: parent.color = root.activeView === "security" ? hifi.colors.blueAccent : hifi.colors.black;
@@ -803,12 +809,24 @@ Rectangle {
     }
 
     function walletResetSetup() {
+        /* Bypass all this and do it automatically
         root.activeView = "walletSetup";
         var timestamp = new Date();
         walletSetup.startingTimestamp = timestamp;
         walletSetup.setupAttemptID = generateUUID();
         UserActivityLogger.commerceWalletSetupStarted(timestamp, walletSetup.setupAttemptID, walletSetup.setupFlowVersion, walletSetup.referrer ? walletSetup.referrer : "wallet app",
             (AddressManager.placename || AddressManager.hostname || '') + (AddressManager.pathname ? AddressManager.pathname.match(/\/[^\/]+/)[0] : ''));
+            */
+
+        var randomNumber = Math.floor(Math.random() * 34) + 1;
+        var securityImagePath = "images/" + addLeadingZero(randomNumber) + ".jpg";
+        Commerce.getWalletAuthenticatedStatus(); // before writing security image, ensures that salt/account password is set.
+        Commerce.chooseSecurityImage(securityImagePath);
+        Commerce.generateKeyPair();
+    }
+
+    function addLeadingZero(n) {
+        return n < 10 ? '0' + n : '' + n;
     }
 
     function followReferrer(msg) {
diff --git a/interface/src/commerce/Ledger.cpp b/interface/src/commerce/Ledger.cpp
index 4ab76c42f5..18d22057fd 100644
--- a/interface/src/commerce/Ledger.cpp
+++ b/interface/src/commerce/Ledger.cpp
@@ -307,6 +307,7 @@ void Ledger::accountSuccess(QNetworkReply* reply) {
     wallet->setCKey(ckey);
     if (!locker.isEmpty()) {
         wallet->setWallet(locker);
+        wallet->setPassphrase("ACCOUNT"); // We only locker wallets that have been converted to account-based auth.
     }
 
     QString keyStatus = "ok";
diff --git a/interface/src/commerce/Wallet.cpp b/interface/src/commerce/Wallet.cpp
index fb6a0c9b03..84e90544ff 100644
--- a/interface/src/commerce/Wallet.cpp
+++ b/interface/src/commerce/Wallet.cpp
@@ -131,7 +131,7 @@ bool Wallet::writeBackupInstructions() {
     QFile outputFile(outputFilename);
     bool retval = false;
 
-    if (getKeyFilePath() == "")
+    if (getKeyFilePath().isEmpty())
     {
         return false;
     }
@@ -360,7 +360,7 @@ Wallet::Wallet() {
         uint status;
         QString keyStatus = result.contains("data") ? result["data"].toObject()["keyStatus"].toString() : "";
 
-        if (wallet->getKeyFilePath() == "" || !wallet->getSecurityImage()) {
+        if (wallet->getKeyFilePath().isEmpty() || !wallet->getSecurityImage()) {
             if (keyStatus == "preexisting") {
                 status = (uint) WalletStatus::WALLET_STATUS_PREEXISTING;
             } else{
@@ -550,15 +550,23 @@ bool Wallet::walletIsAuthenticatedWithPassphrase() {
 
     // FIXME: initialize OpenSSL elsewhere soon
     initialize();
+    qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: checking" << (!_passphrase || !_passphrase->isEmpty());
 
     // this should always be false if we don't have a passphrase
     // cached yet
     if (!_passphrase || _passphrase->isEmpty()) {
-        return false;
+        if (!getKeyFilePath().isEmpty()) { // If file exists, then it is an old school file that has not been lockered. Must get user's passphrase.
+            qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: No passphrase, but there is an existing wallet.";
+            return false;
+        } else {
+            qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: New setup.";
+            setPassphrase("ACCOUNT"); // Going forward, consider this an account-based client.
+        }
     }
     if (_publicKeys.count() > 0) {
         // we _must_ be authenticated if the publicKeys are there
         DependencyManager::get<WalletScriptingInterface>()->setWalletStatus((uint)WalletStatus::WALLET_STATUS_READY);
+        qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet was ready";
         return true;
     }
 
@@ -571,10 +579,15 @@ bool Wallet::walletIsAuthenticatedWithPassphrase() {
 
             // be sure to add the public key so we don't do this over and over
             _publicKeys.push_back(publicKey.toBase64());
+
+            if (*_passphrase != "ACCOUNT") {
+                changePassphrase("ACCOUNT"); // Rewrites with salt and constant, and will be lockered that way.
+            }
+            qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet now ready";
             return true;
         }
     }
-
+    qCDebug(commerce) << "walletIsAuthenticatedWithPassphrase: wallet not ready";
     return false;
 }
 
@@ -585,6 +598,7 @@ bool Wallet::generateKeyPair() {
     qCInfo(commerce) << "Generating keypair.";
     auto keyPair = generateECKeypair();
     if (!keyPair.first) {
+        qCWarning(commerce) << "Empty keypair";
         return false;
     }
 
@@ -692,11 +706,13 @@ void Wallet::chooseSecurityImage(const QString& filename) {
     // there _is_ a keyfile, we need to update it (similar to changing the
     // passphrase, we need to do so into a temp file and move it).
     if (!QFile(keyFilePath()).exists()) {
+        qCDebug(commerce) << "initial security pic set for empty wallet";
         emit securityImageResult(true);
         return;
     }
 
     bool success = writeWallet();
+    qCDebug(commerce) << "updated security pic" << success;
     emit securityImageResult(success);
 }