From b013eeff4bd917d03b977bcc4634a6b00b953d37 Mon Sep 17 00:00:00 2001 From: DenioD <41270280+DenioD@users.noreply.github.com> Date: Sun, 14 Jun 2020 08:15:32 +0200 Subject: [PATCH] use blake3 to hash the passphrase --- lib/silentdragonlitelib.h | 1 + lib/src/lib.rs | 24 +++++ src/firsttimewizard.cpp | 27 +++++- src/mainwindow.cpp | 183 +++++++++++++------------------------- 4 files changed, 109 insertions(+), 126 deletions(-) diff --git a/lib/silentdragonlitelib.h b/lib/silentdragonlitelib.h index 4546e70..fdea5db 100644 --- a/lib/silentdragonlitelib.h +++ b/lib/silentdragonlitelib.h @@ -13,6 +13,7 @@ extern char * litelib_initialize_new_from_phrase extern char * litelib_initialize_existing (bool dangerous, const char* server); extern char * litelib_execute (const char* s, const char* args); extern void litelib_rust_free_string (char* s); +extern char * blake3_PW (char* pw); #ifdef __cplusplus } diff --git a/lib/src/lib.rs b/lib/src/lib.rs index 8be7c55..4ac3bf0 100644 --- a/lib/src/lib.rs +++ b/lib/src/lib.rs @@ -29,6 +29,30 @@ pub extern fn litelib_wallet_exists(chain_name: *const c_char) -> bool { println!("Wallet exists: {}", config.wallet_exists()); config.wallet_exists() +} + +//////hash blake3 + +#[no_mangle] +pub extern fn blake3_PW(pw: *const c_char) -> *mut c_char{ + + let passwd = unsafe { + assert!(!pw.is_null()); + + CStr::from_ptr(pw).to_string_lossy().into_owned() + }; + + let data = passwd.as_bytes(); +// Hash an input all at once. +let hash1 = blake3::hash(data).to_hex(); +println!("\nBlake3 Hash: {}", hash1); + +//let sttring = CString::new(hash1).unwrap(); +let e_str = CString::new(format!("{}", hash1)).unwrap(); +return e_str.into_raw(); + + + } /// Create a new wallet and return the seed for the newly created wallet. diff --git a/src/firsttimewizard.cpp b/src/firsttimewizard.cpp index 5ef96bb..18f5487 100644 --- a/src/firsttimewizard.cpp +++ b/src/firsttimewizard.cpp @@ -16,6 +16,18 @@ FirstTimeWizard::FirstTimeWizard(bool dangerous, QString server) this->dangerous = dangerous; this->server = server; + ////backup addresslabels.dat if there is one, to restore it later + + auto dir = QDir(QStandardPaths::writableLocation(QStandardPaths::AppDataLocation)); + QString addressbook = dir.filePath("addresslabels.dat.enc"); + QFile file(addressbook); + + if (file.exists()) + { + file.rename(dir.filePath("addresslabels.dat.enc-backup")); + + } + // Create the pages setPage(Page_NewOrRestore, new NewOrRestorePage(this)); setPage(Page_New, new NewSeedPage(this)); @@ -60,9 +72,18 @@ NewOrRestorePage::NewOrRestorePage(FirstTimeWizard *parent) : QWizardPage(parent form.radioRestoreWallet->setEnabled(true); form.radioNewWallet->setEnabled(true); form.radioNewWallet->setChecked(true); - - -DataStore::getChatDataStore()->setPassword(Password); + int length = Password.length(); + char *sequence = NULL; + sequence = new char[length+1]; + strncpy(sequence, Password.toUtf8(), length +1); + + QString str = blake3_PW(sequence); + qDebug() << str; + DataStore::getChatDataStore()->setPassword(str); + + char *sequence1 = NULL; + sequence1 = new char[length]; + strncpy(sequence1, str.toUtf8(), length); //main->setPassword(Password); //qDebug()<<"Objekt gesetzt"; diff --git a/src/mainwindow.cpp b/src/mainwindow.cpp index 338c8b2..df05260 100644 --- a/src/mainwindow.cpp +++ b/src/mainwindow.cpp @@ -33,6 +33,7 @@ #include "Crypto/FileEncryption.h" #include "DataStore/DataStore.h" #include "firsttimewizard.h" +#include "../lib/silentdragonlitelib.h" using json = nlohmann::json; @@ -305,53 +306,28 @@ void MainWindow::closeEvent(QCloseEvent* event) { fileoldencryption.remove(); // Encrypt our wallet.dat - QString str = DataStore::getChatDataStore()->getPassword(); - // QString str = ed.txtPassword->text(); // data comes from user inputs - int length = str.length(); + QString passphraseHash = DataStore::getChatDataStore()->getPassword(); + int length = passphraseHash.length(); - char *sequence = NULL; - sequence = new char[length+1]; - strncpy(sequence, str.toLocal8Bit(), length +1); - - #define MESSAGE ((const unsigned char *) sequence) - #define MESSAGE_LEN length - - unsigned char hash[crypto_secretstream_xchacha20poly1305_KEYBYTES]; - - crypto_hash_sha256(hash,MESSAGE, MESSAGE_LEN); - - #define PASSWORD sequence - #define KEY_LEN crypto_box_SEEDBYTES + char *sequence1 = NULL; + sequence1 = new char[length+1]; + strncpy(sequence1, passphraseHash.toUtf8(), length+1); - - - /////////we use the Hash of the Password as Salt, not perfect but still a good solution. - - unsigned char key[KEY_LEN]; + #define PassphraseHashEnd ((const unsigned char *) sequence1) + #define MESSAGE_LEN length - if (crypto_pwhash - (key, sizeof key, PASSWORD, strlen(PASSWORD), hash, - crypto_pwhash_OPSLIMIT_SENSITIVE, crypto_pwhash_MEMLIMIT_SENSITIVE, - crypto_pwhash_ALG_DEFAULT) != 0) { - /* out of memory */ -} - + #define PASSWORD sequence + #define KEY_LEN crypto_box_SEEDBYTES + auto dir = QDir(QStandardPaths::writableLocation(QStandardPaths::AppDataLocation)); - // auto dirHome = QDir(QStandardPaths::writableLocation(QStandardPaths::HomeLocation)); - QString source_file = dir.filePath("addresslabels.dat"); - QString target_enc_file = dir.filePath("addresslabels.dat.enc"); QString sourceWallet_file = dirwallet; QString target_encWallet_file = dirwalletenc; - FileEncryption::encrypt(target_enc_file, source_file, key); - FileEncryption::encrypt(target_encWallet_file, sourceWallet_file, key); - - ///////////////// we rename the plaintext wallet.dat to Backup, for testing. + // FileEncryption::encrypt(target_enc_file, source_file, key); + FileEncryption::encrypt(target_encWallet_file, sourceWallet_file, PassphraseHashEnd); QFile wallet(dirwallet); - QFile address(dir.filePath("addresslabels.dat")); wallet.remove(); - address.remove(); } @@ -401,49 +377,34 @@ void MainWindow::encryptWallet() { QString passphrase = ed.txtPassword->text(); // data comes from user inputs int length = passphrase.length(); - DataStore::getChatDataStore()->setPassword(passphrase); - - char *sequence = NULL; - sequence = new char[length+1]; - strncpy(sequence, passphrase.toLocal8Bit(), length +1); - - #define MESSAGE ((const unsigned char *) sequence) - #define MESSAGE_LEN length - - unsigned char hash[crypto_secretstream_xchacha20poly1305_KEYBYTES]; - - crypto_hash_sha256(hash,MESSAGE, MESSAGE_LEN); - - #define PASSWORD sequence - #define KEY_LEN crypto_box_SEEDBYTES + - + char *sequence = NULL; + sequence = new char[length+1]; + strncpy(sequence, passphrase.toUtf8(), length +1); + + QString passphraseHash = blake3_PW(sequence); + DataStore::getChatDataStore()->setPassword(passphraseHash); - /////////we use the Hash of the Password as Salt, not perfect but still a good solution. + char *sequence1 = NULL; + sequence1 = new char[length+1]; + strncpy(sequence1, passphraseHash.toUtf8(), length+1); - unsigned char key[KEY_LEN]; + #define MESSAGE1 ((const unsigned char *) sequence1) + #define MESSAGE_LEN length - if (crypto_pwhash - (key, sizeof key, PASSWORD, strlen(PASSWORD), hash, - crypto_pwhash_OPSLIMIT_SENSITIVE, crypto_pwhash_MEMLIMIT_SENSITIVE, - crypto_pwhash_ALG_DEFAULT) != 0) { - /* out of memory */ -} + #define PASSWORD sequence + #define KEY_LEN crypto_box_SEEDBYTES auto dir = QDir(QStandardPaths::writableLocation(QStandardPaths::AppDataLocation)); auto dirHome = QDir(QStandardPaths::writableLocation(QStandardPaths::HomeLocation)); - QString source_file = dir.filePath("addresslabels.dat"); - QString target_enc_file = dir.filePath("addresslabels.dat.enc"); QString sourceWallet_file = dirwallet; QString target_encWallet_file = dirwalletenc; - - FileEncryption::encrypt(target_enc_file, source_file, key); - FileEncryption::encrypt(target_encWallet_file, sourceWallet_file, key); + + FileEncryption::encrypt(target_encWallet_file, sourceWallet_file, MESSAGE1); QFile wallet(dirwallet); - QFile address(dir.filePath("addresslabels.dat")); wallet.rename(dirwalletbackup); - address.rename(dir.filePath("addresslabels.datBackup")); QMessageBox::information(this, tr("Wallet Encryption Success"), QString("Successfully encrypted your wallet"), @@ -484,47 +445,34 @@ void MainWindow::removeWalletEncryption() { if (d.exec() == QDialog::Accepted) { - QString str = ed.txtPassword->text(); // data comes from user inputs - int length = str.length(); + QString passphrase = ed.txtPassword->text(); // data comes from user inputs + int length = passphrase.length(); char *sequence = NULL; sequence = new char[length+1]; - strncpy(sequence, str.toLocal8Bit(), length +1); + strncpy(sequence, passphrase.toUtf8(), length +1); + + QString passphraseHash = blake3_PW(sequence); - #define MESSAGE ((const unsigned char *) sequence) - #define MESSAGE_LEN length + char *sequence1 = NULL; + sequence1 = new char[length+1]; + strncpy(sequence1, passphraseHash.toUtf8(), length+1); - unsigned char hash[crypto_secretstream_xchacha20poly1305_KEYBYTES]; + #define MESSAGE3 ((const unsigned char *) sequence1) + #define MESSAGE3_LEN length - crypto_hash_sha256(hash,MESSAGE, MESSAGE_LEN); #define PASSWORD sequence #define KEY_LEN crypto_box_SEEDBYTES - - - /////////we use the Hash of the Password as Salt, not perfect but still a good solution. - - unsigned char key[KEY_LEN]; - - if (crypto_pwhash - (key, sizeof key, PASSWORD, strlen(PASSWORD), hash, - crypto_pwhash_OPSLIMIT_SENSITIVE, crypto_pwhash_MEMLIMIT_SENSITIVE, - crypto_pwhash_ALG_DEFAULT) != 0) { - /* out of memory */ -} - - auto dir = QDir(QStandardPaths::writableLocation(QStandardPaths::AppDataLocation)); auto dirHome = QDir(QStandardPaths::writableLocation(QStandardPaths::HomeLocation)); QString target_encwallet_file = dirwalletenc; QString target_decwallet_file = dirwallet; - QString target_encaddr_file = dir.filePath("addresslabels.dat.enc"); - QString target_decaddr_file = dir.filePath("addresslabels.dat"); - FileEncryption::decrypt(target_decwallet_file, target_encwallet_file, key); - FileEncryption::decrypt(target_decaddr_file, target_encaddr_file, key); + FileEncryption::decrypt(target_decwallet_file, target_encwallet_file, MESSAGE3); + QFile filencrypted(dirwalletenc); QFile wallet(dirwallet); @@ -556,56 +504,42 @@ void MainWindow::removeWalletEncryptionStartUp() { QDialog d(this); Ui_startup ed; ed.setupUi(&d); - + if (d.exec() == QDialog::Accepted) { - QString password = ed.txtPassword->text(); // data comes from user inputs - int length = password.length(); - DataStore::getChatDataStore()->setPassword(password); + QString passphrase = ed.txtPassword->text(); // data comes from user inputs + int length = passphrase.length(); + char *sequence = NULL; sequence = new char[length+1]; - strncpy(sequence, password.toLocal8Bit(), length +1); + strncpy(sequence, passphrase.toUtf8(), length +1); + + QString passphraseHash = blake3_PW(sequence); + DataStore::getChatDataStore()->setPassword(passphraseHash); + + char *sequence1 = NULL; + sequence1 = new char[length+1]; + strncpy(sequence1, passphraseHash.toUtf8(), length+1); #define MESSAGE ((const unsigned char *) sequence) #define MESSAGE_LEN length - - unsigned char hash[crypto_secretstream_xchacha20poly1305_KEYBYTES]; - - crypto_hash_sha256(hash,MESSAGE, MESSAGE_LEN); + #define hash ((const unsigned char *) sequence1) #define PASSWORD sequence - #define KEY_LEN crypto_box_SEEDBYTES - - - - /////////we use the Hash of the Password as Salt, not perfect but still a good solution. - - unsigned char key[KEY_LEN]; - - if (crypto_pwhash - (key, sizeof key, PASSWORD, strlen(PASSWORD), hash, - crypto_pwhash_OPSLIMIT_SENSITIVE, crypto_pwhash_MEMLIMIT_SENSITIVE, - crypto_pwhash_ALG_DEFAULT) != 0) { - /* out of memory */ - } - + #define KEY_LEN crypto_box_SEEDBYTES { auto dir = QDir(QStandardPaths::writableLocation(QStandardPaths::AppDataLocation)); auto dirHome = QDir(QStandardPaths::writableLocation(QStandardPaths::HomeLocation)); QString target_encwallet_file = dirwalletenc; QString target_decwallet_file = dirwallet; - QString target_encaddr_file = dir.filePath("addresslabels.dat.enc"); - QString target_decaddr_file = dir.filePath("addresslabels.dat"); - FileEncryption::decrypt(target_decwallet_file, target_encwallet_file, key); - FileEncryption::decrypt(target_decaddr_file, target_encaddr_file, key); + FileEncryption::decrypt(target_decwallet_file, target_encwallet_file, hash); } auto dirHome = QDir(QStandardPaths::writableLocation(QStandardPaths::HomeLocation)); QFile wallet(dirwallet); - //QFile backup(dirHome.filePath(".silentdragonlite/silentdragonlite-wallet.datBACKUP"));*/ if (wallet.size() > 0) { @@ -1169,7 +1103,7 @@ void MainWindow::setupBalancesTab() { QList allAddresses; allAddresses = getRPC()->getModel()->getAllZAddresses(); - QString depositzaddr = allAddresses[1]; + QString depositzaddr = allAddresses[0]; deposithush.qrcodeDisplayDeposit->setQrcodeString(depositzaddr); deposithush.zaddr->setText(depositzaddr); @@ -1344,6 +1278,8 @@ void MainWindow::setupTransactionsTab() { void MainWindow::setupchatTab() { + ui->memoTxtChat->setEnabled(false); + /////////////Setting Icons for Chattab and different themes auto theme = Settings::getInstance()->get_theme_name(); @@ -1530,6 +1466,7 @@ void MainWindow::setupchatTab() { ui->listContactWidget->addAction(HushAction); ui->listContactWidget->addAction(requestHushAction); ui->listContactWidget->addAction(subatomicAction); + ui->memoTxtChat->setEnabled(true); /*QObject::connect(requestHushAction, &QAction::triggered, [=]() { QModelIndex index = ui->listContactWidget->currentIndex();