Charon/blockchain
1
0
Fork 0
forked from lthn/blockchain
Code Pull requests Activity

new master password policy

Browse source
This commit is contained in:
cryptozoidberg 2019-07-22 14:53:53 +02:00
parent e8fe7b8124
commit 4149d312f9
No known key found for this signature in database
GPG key ID: 22DEB97A54C6FDEC
2 changed files with 47 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
src/gui/qt-daemon/application/mainwindow.cpp
View file

@ -1043,10 +1043,50 @@ QString MainWindow::get_secure_app_data(const QString& param)
return MAKE_RESPONSE(ar);
}
m_master_password = pwd.pass;
return app_data_buff.substr(sizeof(app_data_file_binary_header)).c_str();
CATCH_ENTRY2(API_RETURN_CODE_INTERNAL_ERROR);
}
QString MainWindow::set_master_password(const QString& param)
{
view::password_data pwd = AUTO_VAL_INIT(pwd);
if (!epee::serialization::load_t_from_json(pwd, param.toStdString()))
{
view::api_response ar;
ar.error_code = API_RETURN_CODE_BAD_ARG;
return MAKE_RESPONSE(ar);
}
m_master_password = pwd.pass;
view::api_response ar;
ar.error_code = API_RETURN_CODE_OK;
return MAKE_RESPONSE(ar);
}
QString MainWindow::check_master_password(const QString& param)
{
view::password_data pwd = AUTO_VAL_INIT(pwd);
view::api_response ar = AUTO_VAL_INIT(ar);
if (!epee::serialization::load_t_from_json(pwd, param.toStdString()))
{
ar.error_code = API_RETURN_CODE_BAD_ARG;
return MAKE_RESPONSE(ar);
}
if (m_master_password != pwd.pass)
{
ar.error_code = API_RETURN_CODE_WRONG_PASSWORD;
}else
{
ar.error_code = API_RETURN_CODE_OK;
}
return MAKE_RESPONSE(ar);
}
QString MainWindow::store_app_data(const QString& param)
{
TRY_ENTRY();
@ -1128,7 +1168,7 @@ QString MainWindow::get_app_data()
CATCH_ENTRY2(API_RETURN_CODE_INTERNAL_ERROR);
}
QString MainWindow::store_secure_app_data(const QString& param, const QString& pass)
QString MainWindow::store_secure_app_data(const QString& param)
{
TRY_ENTRY();
LOG_API_TIMING();
@ -1139,13 +1179,14 @@ QString MainWindow::store_secure_app_data(const QString& param, const QString& p
return MAKE_RESPONSE(ar);
}
std::string buff(sizeof(app_data_file_binary_header), 0);
app_data_file_binary_header* phdr = (app_data_file_binary_header*)buff.data();
phdr->m_signature = APP_DATA_FILE_BINARY_SIGNATURE;
phdr->m_cb_body = 0; // for future use
buff.append(param.toStdString());
crypto::chacha_crypt(buff, pass.toStdString());
crypto::chacha_crypt(buff, m_master_password);
bool r = file_io_utils::save_string_to_file(m_backend.get_config_folder() + "/" + GUI_SECURE_CONFIG_FILENAME, buff);
view::api_response ar;

5
src/gui/qt-daemon/application/mainwindow.h
View file

@ -100,7 +100,9 @@ public:
QString have_secure_app_data();
QString drop_secure_app_data();
QString get_secure_app_data(const QString& param);
QString store_secure_app_data(const QString& param, const QString& pass);
QString store_secure_app_data(const QString& param);
QString set_master_password(const QString& param);
QString check_master_password(const QString& param);
QString get_app_data();
QString store_app_data(const QString& param);
QString get_default_user_dir(const QString& param);
@ -230,6 +232,7 @@ private:
std::atomic<bool> m_backend_stopped_2;
std::atomic<bool> m_system_shutdown;
std::string m_master_password;
app_config m_config;