From 90e9089e85628a4b3e154ef16c02cc9d2015b979 Mon Sep 17 00:00:00 2001 From: Stephen Birarda Date: Mon, 22 Feb 2016 13:23:01 -0800 Subject: [PATCH] repairs for storage of domain ID in AM accounts file --- domain-server/src/DomainServer.cpp | 1 + libraries/networking/src/AccountManager.cpp | 18 ++-- .../networking/src/DataServerAccountInfo.cpp | 85 ++++++++----------- .../networking/src/DataServerAccountInfo.h | 8 +- 4 files changed, 48 insertions(+), 64 deletions(-) diff --git a/domain-server/src/DomainServer.cpp b/domain-server/src/DomainServer.cpp index 0f57370aa0..f66a28f063 100644 --- a/domain-server/src/DomainServer.cpp +++ b/domain-server/src/DomainServer.cpp @@ -492,6 +492,7 @@ void DomainServer::setupICEHeartbeatForFullNetworking() { // to send ICE heartbeats we'd better have a private key locally with an uploaded public key auto& accountManager = AccountManager::getInstance(); auto domainID = accountManager.getAccountInfo().getDomainID(); + if (!accountManager.getAccountInfo().hasPrivateKey() || domainID != limitedNodeList->getSessionUUID()) { accountManager.generateNewDomainKeypair(limitedNodeList->getSessionUUID()); } diff --git a/libraries/networking/src/AccountManager.cpp b/libraries/networking/src/AccountManager.cpp index e9b44b2f87..fc1d8e9458 100644 --- a/libraries/networking/src/AccountManager.cpp +++ b/libraries/networking/src/AccountManager.cpp @@ -67,8 +67,7 @@ JSONCallbackParameters::JSONCallbackParameters(QObject* jsonCallbackReceiver, co AccountManager::AccountManager() : _authURL(), - _pendingCallbackMap(), - _accountInfo() + _pendingCallbackMap() { qRegisterMetaType("OAuthAccessToken"); qRegisterMetaTypeStreamOperators("OAuthAccessToken"); @@ -171,7 +170,7 @@ void AccountManager::setAuthURL(const QUrl& authURL) { auto accountsMap = accountMapFromFile(loadedMap); if (accountsFile.exists() && loadedMap) { - // pull out the stored access token and store it in memory + // pull out the stored account info and store it in memory _accountInfo = accountsMap[_authURL.toString()].value(); qCDebug(networking) << "Found metaverse API account information for" << qPrintable(_authURL.toString()); @@ -462,10 +461,7 @@ bool AccountManager::checkAndSignalForAccessToken() { } void AccountManager::setAccessTokenForCurrentAuthURL(const QString& accessToken) { - // clear our current DataServerAccountInfo - _accountInfo = DataServerAccountInfo(); - - // start the new account info with a new OAuthAccessToken + // replace the account info access token with a new OAuthAccessToken OAuthAccessToken newOAuthToken; newOAuthToken.token = accessToken; @@ -598,10 +594,12 @@ void AccountManager::generateNewKeypair(bool isUserKeypair, const QUuid& domainI generateThread->setObjectName("Account Manager Generator Thread"); // setup a keypair generator - RSAKeypairGenerator* keypairGenerator = new RSAKeypairGenerator { this }; + RSAKeypairGenerator* keypairGenerator = new RSAKeypairGenerator; if (!isUserKeypair) { keypairGenerator->setDomainID(domainID); + _accountInfo.setDomainID(domainID); + qDebug() << "The account info domain ID is now" << _accountInfo.getDomainID(); } // start keypair generation when the thread starts @@ -617,13 +615,13 @@ void AccountManager::generateNewKeypair(bool isUserKeypair, const QUuid& domainI keypairGenerator->moveToThread(generateThread); - qCDebug(networking) << "Starting worker thread to generate 2048-bit RSA key-pair."; + qCDebug(networking) << "Starting worker thread to generate 2048-bit RSA keypair."; generateThread->start(); } void AccountManager::processGeneratedKeypair() { - qCDebug(networking) << "Generated 2048-bit RSA key-pair. Storing private key and uploading public key."; + qCDebug(networking) << "Generated 2048-bit RSA keypair. Storing private key and uploading public key."; RSAKeypairGenerator* keypairGenerator = qobject_cast(sender()); diff --git a/libraries/networking/src/DataServerAccountInfo.cpp b/libraries/networking/src/DataServerAccountInfo.cpp index ae6d7c4c9b..20c7f778c9 100644 --- a/libraries/networking/src/DataServerAccountInfo.cpp +++ b/libraries/networking/src/DataServerAccountInfo.cpp @@ -25,19 +25,6 @@ #pragma clang diagnostic ignored "-Wdeprecated-declarations" #endif -DataServerAccountInfo::DataServerAccountInfo() : - _accessToken(), - _username(), - _xmppPassword(), - _discourseApiKey(), - _walletID(), - _balance(0), - _hasBalance(false), - _privateKey() -{ - -} - DataServerAccountInfo::DataServerAccountInfo(const DataServerAccountInfo& otherInfo) : QObject() { _accessToken = otherInfo._accessToken; _username = otherInfo._username; @@ -47,6 +34,7 @@ DataServerAccountInfo::DataServerAccountInfo(const DataServerAccountInfo& otherI _balance = otherInfo._balance; _hasBalance = otherInfo._hasBalance; _privateKey = otherInfo._privateKey; + _domainID = otherInfo._domainID; } DataServerAccountInfo& DataServerAccountInfo::operator=(const DataServerAccountInfo& otherInfo) { @@ -66,6 +54,7 @@ void DataServerAccountInfo::swap(DataServerAccountInfo& otherInfo) { swap(_balance, otherInfo._balance); swap(_hasBalance, otherInfo._hasBalance); swap(_privateKey, otherInfo._privateKey); + swap(_domainID, otherInfo._domainID); } void DataServerAccountInfo::setAccessTokenFromJSON(const QJsonObject& jsonObject) { @@ -129,53 +118,49 @@ void DataServerAccountInfo::setProfileInfoFromJSON(const QJsonObject& jsonObject QByteArray DataServerAccountInfo::getUsernameSignature(const QUuid& connectionToken) { - if (!_privateKey.isEmpty()) { - const char* privateKeyData = _privateKey.constData(); - RSA* rsaPrivateKey = d2i_RSAPrivateKey(NULL, - reinterpret_cast(&privateKeyData), - _privateKey.size()); - if (rsaPrivateKey) { - QByteArray lowercaseUsername = _username.toLower().toUtf8(); - QByteArray usernameWithToken = QCryptographicHash::hash(lowercaseUsername.append(connectionToken.toRfc4122()), - QCryptographicHash::Sha256); - - QByteArray usernameSignature(RSA_size(rsaPrivateKey), 0); - unsigned int usernameSignatureSize = 0; - - int encryptReturn = RSA_sign(NID_sha256, - reinterpret_cast(usernameWithToken.constData()), - usernameWithToken.size(), - reinterpret_cast(usernameSignature.data()), - &usernameSignatureSize, - rsaPrivateKey); - - // free the private key RSA struct now that we are done with it - RSA_free(rsaPrivateKey); + if (!_privateKey.isEmpty()) { + const char* privateKeyData = _privateKey.constData(); + RSA* rsaPrivateKey = d2i_RSAPrivateKey(NULL, + reinterpret_cast(&privateKeyData), + _privateKey.size()); + if (rsaPrivateKey) { + QByteArray lowercaseUsername = _username.toLower().toUtf8(); + QByteArray usernameWithToken = QCryptographicHash::hash(lowercaseUsername.append(connectionToken.toRfc4122()), + QCryptographicHash::Sha256); + + QByteArray usernameSignature(RSA_size(rsaPrivateKey), 0); + unsigned int usernameSignatureSize = 0; + + int encryptReturn = RSA_sign(NID_sha256, + reinterpret_cast(usernameWithToken.constData()), + usernameWithToken.size(), + reinterpret_cast(usernameSignature.data()), + &usernameSignatureSize, + rsaPrivateKey); + + // free the private key RSA struct now that we are done with it + RSA_free(rsaPrivateKey); - if (encryptReturn == -1) { - qCDebug(networking) << "Error encrypting username signature."; - qCDebug(networking) << "Will re-attempt on next domain-server check in."; - } else { - qDebug(networking) << "Returning username" << _username << "signed with connection UUID" << uuidStringWithoutCurlyBraces(connectionToken); - return usernameSignature; - } - - } else { - qCDebug(networking) << "Could not create RSA struct from QByteArray private key."; + if (encryptReturn == -1) { + qCDebug(networking) << "Error encrypting username signature."; qCDebug(networking) << "Will re-attempt on next domain-server check in."; + } else { + qDebug(networking) << "Returning username" << _username << "signed with connection UUID" << uuidStringWithoutCurlyBraces(connectionToken); + return usernameSignature; } + + } else { + qCDebug(networking) << "Could not create RSA struct from QByteArray private key."; + qCDebug(networking) << "Will re-attempt on next domain-server check in."; } + } return QByteArray(); } -void DataServerAccountInfo::setPrivateKey(const QByteArray& privateKey) { - _privateKey = privateKey; - -} - QDataStream& operator<<(QDataStream &out, const DataServerAccountInfo& info) { out << info._accessToken << info._username << info._xmppPassword << info._discourseApiKey << info._walletID << info._privateKey << info._domainID; + return out; } diff --git a/libraries/networking/src/DataServerAccountInfo.h b/libraries/networking/src/DataServerAccountInfo.h index 8f6fb83f79..483cd28ff2 100644 --- a/libraries/networking/src/DataServerAccountInfo.h +++ b/libraries/networking/src/DataServerAccountInfo.h @@ -23,7 +23,7 @@ const float SATOSHIS_PER_CREDIT = 100000000.0f; class DataServerAccountInfo : public QObject { Q_OBJECT public: - DataServerAccountInfo(); + DataServerAccountInfo() {}; DataServerAccountInfo(const DataServerAccountInfo& otherInfo); DataServerAccountInfo& operator=(const DataServerAccountInfo& otherInfo); @@ -52,7 +52,7 @@ public: QByteArray getUsernameSignature(const QUuid& connectionToken); bool hasPrivateKey() const { return !_privateKey.isEmpty(); } - void setPrivateKey(const QByteArray& privateKey); + void setPrivateKey(const QByteArray& privateKey) { _privateKey = privateKey; } void setDomainID(const QUuid& domainID) { _domainID = domainID; } const QUuid& getDomainID() const { return _domainID; } @@ -73,8 +73,8 @@ private: QString _xmppPassword; QString _discourseApiKey; QUuid _walletID; - qint64 _balance; - bool _hasBalance; + qint64 _balance { 0 }; + bool _hasBalance { false }; QUuid _domainID; // if this holds account info for a domain, this holds the ID of that domain QByteArray _privateKey;