Abort when we see funky stuff from secretstream api

3 years ago · 35593443b5
2 changed files with 38 additions and 36 deletions
--- a/src/chatmodel.cpp
+++ b/src/chatmodel.cpp
@ -477,20 +477,23 @@ Tx MainWindow::createTxFromChatPage() {
        unsigned char pk[crypto_kx_PUBLICKEYBYTES];
        unsigned char server_rx[crypto_kx_SESSIONKEYBYTES], server_tx[crypto_kx_SESSIONKEYBYTES];
      
-                if (crypto_kx_seed_keypair(pk,sk,
-                           MESSAGEAS1) !=0) {
+        if (crypto_kx_seed_keypair(pk,sk, MESSAGEAS1) !=0) {
+               this->logger->write("Suspicious keypair, bail out ");
+               qDebug() << __func__<< ": Suspicious client public outgoing key from crypto_kx_seed_keypair, aborting!";
+               return;
+          }

-                               this->logger->write("Suspicious keypair, bail out ");
-                           }
         ////////////////Get the pubkey from Bob, so we can create the share key

        const QByteArray pubkeyBobArray = QByteArray::fromHex(pubkey.toLatin1());
        const unsigned char *pubkeyBob = reinterpret_cast<const unsigned char *>(pubkeyBobArray.constData());
-                    /////Create the shared key for sending the message

-            if (crypto_kx_server_session_keys(server_rx, server_tx,
-                                  pk, sk, pubkeyBob) != 0) {
-            this->logger->write("Suspicious client public send key, bail out ");
+        /////Create the shared key for sending the message
+
+            if (crypto_kx_server_session_keys(server_rx, server_tx, pk, sk, pubkeyBob) != 0) {
+               this->logger->write("Suspicious client public send key, bail out ");
+               qDebug() << __func__ << ": Suspicious client public send key from crypto_kx_server_session_keys, aborting!";
+               return;
             }

    
@ -821,6 +824,8 @@ Tx MainWindow::createTxForSafeContactRequest()

         if (crypto_kx_seed_keypair(pk, sk, MESSAGEAS1) !=0) {
            this->logger->write("Suspicious client public contact request key, bail out ");
+             qDebug() << __func__ << ": Suspicious client public send key from crypto_kx_seed_keypair, aborting!";
+             return;
         }

         QString publicKey = QByteArray(reinterpret_cast<const char*>(pk), crypto_kx_PUBLICKEYBYTES).toHex();
--- a/src/mainwindow.cpp
+++ b/src/mainwindow.cpp
@ -1884,21 +1884,22 @@ Tx MainWindow::createTxFromSendChatPage() {
        unsigned char pk[crypto_kx_PUBLICKEYBYTES];
        unsigned char server_rx[crypto_kx_SESSIONKEYBYTES], server_tx[crypto_kx_SESSIONKEYBYTES];
      
-                if (crypto_kx_seed_keypair(pk,sk,
-                           MESSAGEAS1) !=0) {
-
-                               this->logger->write("Suspicious keypair, bail out ");
-                           }
+        if (crypto_kx_seed_keypair(pk,sk, MESSAGEAS1) !=0) {
+            this->logger->write("Suspicious keypair, bail out ");
+            qDebug() << __func__ << ": Suspicious client public send key from crypto_kx_seed_keypair, aborting!";
+            return;
+        }
         ////////////////Get the pubkey from Bob, so we can create the share key

        const QByteArray pubkeyBobArray = QByteArray::fromHex(pubkey.toLatin1());
        const unsigned char *pubkeyBob = reinterpret_cast<const unsigned char *>(pubkeyBobArray.constData());
                    /////Create the shared key for sending the message

-            if (crypto_kx_server_session_keys(server_rx, server_tx,
-                                  pk, sk, pubkeyBob) != 0) {
-            this->logger->write("Suspicious client public send key, bail out ");
-             }
+            if (crypto_kx_server_session_keys(server_rx, server_tx, pk, sk, pubkeyBob) != 0) {
+                this->logger->write("Suspicious client public send key, bail out ");
+                qDebug() << __func__ << ": Suspicious client public send key from crypto_kx_server_session_keys, aborting!";
+                return;
+            }

    
            // Let's try to preserve Unicode characters
@ -1937,10 +1938,8 @@ Tx MainWindow::createTxFromSendChatPage() {
             /////Ciphertext Memo
            QString memo = QByteArray(reinterpret_cast<const char*>(ciphertext), CIPHERTEXT_LEN).toHex();
         
-   
             tx.toAddrs.push_back(ToFields{addr, amtHm, hmemo});
             tx.toAddrs.push_back(ToFields{addr, amt, memo});
-
   } 
   }

@ -2173,21 +2172,22 @@ Tx MainWindow::createTxFromSendRequestChatPage() {
        unsigned char pk[crypto_kx_PUBLICKEYBYTES];
        unsigned char server_rx[crypto_kx_SESSIONKEYBYTES], server_tx[crypto_kx_SESSIONKEYBYTES];
      
-                if (crypto_kx_seed_keypair(pk,sk,
-                           MESSAGEAS1) !=0) {
-
-                               this->logger->write("Suspicious keypair, bail out ");
-                           }
+           if (crypto_kx_seed_keypair(pk,sk, MESSAGEAS1) !=0) {
+               this->logger->write("Suspicious keypair, bail out ");
+               qDebug() << __func__<< ": Suspicious client public outgoing key from crypto_kx_seed_keypair, aborting!";
+               return;
+           }
         ////////////////Get the pubkey from Bob, so we can create the share key

        const QByteArray pubkeyBobArray = QByteArray::fromHex(pubkey.toLatin1());
        const unsigned char *pubkeyBob = reinterpret_cast<const unsigned char *>(pubkeyBobArray.constData());
                    /////Create the shared key for sending the message

-            if (crypto_kx_server_session_keys(server_rx, server_tx,
-                                  pk, sk, pubkeyBob) != 0) {
-            this->logger->write("Suspicious client public send key, bail out ");
-             }
+            if (crypto_kx_server_session_keys(server_rx, server_tx, pk, sk, pubkeyBob) != 0) {
+                this->logger->write("Suspicious client public send key, bail out ");
+               qDebug() << __func__ << ": Suspicious client public send key from crypto_kx_server_session_keys, aborting!";
+               return;
+            }

    
            // Let's try to preserve Unicode characters
@ -2417,7 +2417,7 @@ void MainWindow::addNewZaddr(bool sapling) {
            ui->listReceiveAddresses->insertItem(0, addr); 
            ui->listReceiveAddresses->setCurrentIndex(0);

-            ui->statusBar->showMessage(QString::fromStdString("Created new zAddr") %
+            ui->statusBar->showMessage(QString::fromStdString("Created new zaddr") %
                                       (sapling ? "(Sapling)" : "(Sprout)"), 
                                       10 * 1000);
        }
@ -2779,11 +2779,8 @@ void MainWindow::slot_change_currency(const QString& currency_name)
    {
       saved_currency_name = Settings::getInstance()->get_currency_name();
       
-    }
-    catch (...)
-    {
-        saved_currency_name = "USD";
-        
+    } catch (...) {
+        saved_currency_name = "BTC";
    }
 }

@ -2845,6 +2842,8 @@ void MainWindow::on_givemeZaddr_clicked()
                });
 }

+
+// TODO: The way emoji work really need to change, this is madness
 void MainWindow::on_emojiButton_clicked()
 {

@ -2961,8 +2960,6 @@ QObject::connect(emoji.sd, &QPushButton::clicked, [&] () {
        
 });

-
-
    emojiDialog.exec();
 }