From 1571d5940950e997ff6147943fbf01453d90fcc4 Mon Sep 17 00:00:00 2001 From: tobtoht Date: Tue, 31 Jan 2023 17:00:50 +0100 Subject: [PATCH] wallet_api: do not cache wallet password --- monero | 2 +- src/MainWindow.cpp | 8 +++++--- src/dialog/PasswordChangeDialog.cpp | 7 +++---- src/libwalletqt/Wallet.cpp | 14 +++++++------- src/libwalletqt/Wallet.h | 8 ++++---- 5 files changed, 20 insertions(+), 19 deletions(-) diff --git a/monero b/monero index 18bdad8..57e2417 160000 --- a/monero +++ b/monero @@ -1 +1 @@ -Subproject commit 18bdad879d9f25f35f065354aedf1236e6b0a60b +Subproject commit 57e241748fb8caec0033f84cb14ef7861132c4e6 diff --git a/src/MainWindow.cpp b/src/MainWindow.cpp index b9e316f..64e6306 100644 --- a/src/MainWindow.cpp +++ b/src/MainWindow.cpp @@ -798,7 +798,8 @@ void MainWindow::showPasswordDialog() { } void MainWindow::updatePasswordIcon() { - QIcon icon = m_ctx->wallet->getPassword().isEmpty() ? icons()->icon("unlock.svg") : icons()->icon("lock.svg"); + bool emptyPassword = m_ctx->wallet->verifyPassword(""); + QIcon icon = emptyPassword ? icons()->icon("unlock.svg") : icons()->icon("lock.svg"); m_statusBtnPassword->setIcon(icon); } @@ -1650,7 +1651,8 @@ bool MainWindow::verifyPassword(bool sensitive) { if (ret == QDialog::Rejected) { return false; } - if (passwordDialog.password != m_ctx->wallet->getPassword()) { + + if (!m_ctx->wallet->verifyPassword(passwordDialog.password)) { incorrectPassword = true; continue; } @@ -1725,7 +1727,7 @@ void MainWindow::unlockWallet(const QString &password) { return; } - if (password != m_ctx->wallet->getPassword()) { + if (!m_ctx->wallet->verifyPassword(password)) { m_walletUnlockWidget->incorrectPassword(); return; } diff --git a/src/dialog/PasswordChangeDialog.cpp b/src/dialog/PasswordChangeDialog.cpp index f7c9920..a2cf526 100644 --- a/src/dialog/PasswordChangeDialog.cpp +++ b/src/dialog/PasswordChangeDialog.cpp @@ -13,8 +13,7 @@ PasswordChangeDialog::PasswordChangeDialog(QWidget *parent, Wallet *wallet) { ui->setupUi(this); - bool noPassword = wallet->getPassword().isEmpty(); - + bool noPassword = wallet->verifyPassword(""); QString warning_str = noPassword ? "Your wallet is not password protected. Use this dialog to add a password to your wallet." : "Your wallet is password protected and encrypted. Use this dialog to change your password."; ui->label_warning->setText(warning_str); @@ -50,14 +49,14 @@ void PasswordChangeDialog::setPassword() { QString currentPassword = ui->lineEdit_currentPassword->text(); QString newPassword = ui->lineEdit_newPassword->text(); - if (currentPassword != m_wallet->getPassword()) { + if (!m_wallet->verifyPassword(currentPassword)) { QMessageBox::warning(this, "Error", "Incorrect password"); ui->lineEdit_currentPassword->setText(""); ui->lineEdit_currentPassword->setFocus(); return; } - if (m_wallet->setPassword(newPassword)) { + if (m_wallet->setPassword(currentPassword, newPassword)) { QMessageBox::information(this, "Information", "Password changed successfully"); this->accept(); } diff --git a/src/libwalletqt/Wallet.cpp b/src/libwalletqt/Wallet.cpp index 6ecccdf..6cbbc89 100644 --- a/src/libwalletqt/Wallet.cpp +++ b/src/libwalletqt/Wallet.cpp @@ -164,14 +164,14 @@ QString Wallet::errorString() const return QString::fromStdString(m_walletImpl->errorString()); } -bool Wallet::setPassword(const QString &password) +bool Wallet::setPassword(const QString &oldPassword, const QString &newPassword) { - return m_walletImpl->setPassword(password.toStdString()); + return m_walletImpl->setPassword(oldPassword.toStdString(), newPassword.toStdString()); } -QString Wallet::getPassword() +bool Wallet::verifyPassword(const QString &password) { - return QString::fromStdString(m_walletImpl->getPassword()); + return m_walletImpl->verifyPassword(password.toStdString()); } QString Wallet::address(quint32 accountIndex, quint32 addressIndex) const @@ -198,9 +198,9 @@ QString Wallet::keysPath() const return QDir::toNativeSeparators(QString::fromStdString(m_walletImpl->keysFilename()));; } -void Wallet::store(const QString &path) +void Wallet::store() { - m_walletImpl->store(path.toStdString()); + m_walletImpl->store(); } bool Wallet::init(const QString &daemonAddress, bool trustedDaemon, quint64 upperTransactionLimit, bool isRecovering, bool isRecoveringFromDevice, quint64 restoreHeight, const QString& proxyAddress) @@ -1416,7 +1416,7 @@ Wallet::~Wallet() //Monero::WalletManagerFactory::getWalletManager()->closeWallet(m_walletImpl); if(status() == Status_Critical || status() == Status_BadPassword) qDebug("Not storing wallet cache"); - else if( m_walletImpl->store("")) + else if( m_walletImpl->store()) qDebug("Wallet cache stored successfully"); else qDebug("Error storing wallet cache"); diff --git a/src/libwalletqt/Wallet.h b/src/libwalletqt/Wallet.h index e30b4e6..84ee30f 100644 --- a/src/libwalletqt/Wallet.h +++ b/src/libwalletqt/Wallet.h @@ -144,10 +144,10 @@ public: QString errorString() const; //! changes the password using existing parameters (path, seed, seed lang) - bool setPassword(const QString &password); + bool setPassword(const QString &oldPassword, const QString &newPassword); - //! get current wallet password - QString getPassword(); + //! verify wallet password + bool verifyPassword(const QString &password); //! returns wallet's public address QString address(quint32 accountIndex, quint32 addressIndex) const; @@ -163,7 +163,7 @@ public: //! saves wallet to the file by given path //! empty path stores in current location - void store(const QString &path = ""); + void store(); // void storeAsync(const QJSValue &callback, const QString &path = ""); //! initializes wallet asynchronously