Fix changing password.
GitOrigin-RevId: 1cbaa3df8e34030803e5553cc45481b9a466d0b3
This commit is contained in:
parent
94a4bbcac4
commit
6a94c83f66
@ -39,17 +39,20 @@ static void hash_sha256(Slice data, Slice salt, MutableSlice dest) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
BufferSlice PasswordManager::calc_password_hash(Slice password, Slice client_salt, Slice server_salt) {
|
BufferSlice PasswordManager::calc_password_hash(Slice password, Slice client_salt, Slice server_salt) {
|
||||||
|
LOG(INFO) << "Begin password hash calculation";
|
||||||
BufferSlice buf(32);
|
BufferSlice buf(32);
|
||||||
hash_sha256(password, client_salt, buf.as_slice());
|
hash_sha256(password, client_salt, buf.as_slice());
|
||||||
hash_sha256(buf.as_slice(), server_salt, buf.as_slice());
|
hash_sha256(buf.as_slice(), server_salt, buf.as_slice());
|
||||||
BufferSlice hash(64);
|
BufferSlice hash(64);
|
||||||
pbkdf2_sha512(buf.as_slice(), client_salt, 100000, hash.as_slice());
|
pbkdf2_sha512(buf.as_slice(), client_salt, 100000, hash.as_slice());
|
||||||
hash_sha256(hash.as_slice(), server_salt, buf.as_slice());
|
hash_sha256(hash.as_slice(), server_salt, buf.as_slice());
|
||||||
|
LOG(INFO) << "End password hash calculation";
|
||||||
return buf;
|
return buf;
|
||||||
}
|
}
|
||||||
|
|
||||||
Result<BufferSlice> PasswordManager::calc_password_srp_hash(Slice password, Slice client_salt, Slice server_salt,
|
Result<BufferSlice> PasswordManager::calc_password_srp_hash(Slice password, Slice client_salt, Slice server_salt,
|
||||||
int32 g, Slice p) {
|
int32 g, Slice p) {
|
||||||
|
LOG(INFO) << "Begin password SRP hash calculation";
|
||||||
TRY_STATUS(DhHandshake::check_config(g, p, DhCache::instance()));
|
TRY_STATUS(DhHandshake::check_config(g, p, DhCache::instance()));
|
||||||
|
|
||||||
auto hash = calc_password_hash(password, client_salt, server_salt);
|
auto hash = calc_password_hash(password, client_salt, server_salt);
|
||||||
@ -62,7 +65,9 @@ Result<BufferSlice> PasswordManager::calc_password_srp_hash(Slice password, Slic
|
|||||||
BigNum v_bn;
|
BigNum v_bn;
|
||||||
BigNum::mod_exp(v_bn, g_bn, x_bn, p_bn, ctx);
|
BigNum::mod_exp(v_bn, g_bn, x_bn, p_bn, ctx);
|
||||||
|
|
||||||
return BufferSlice(v_bn.to_binary(256));
|
BufferSlice result(v_bn.to_binary(256));
|
||||||
|
LOG(INFO) << "End password SRP hash calculation";
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
tl_object_ptr<telegram_api::InputCheckPasswordSRP> PasswordManager::get_input_check_password(
|
tl_object_ptr<telegram_api::InputCheckPasswordSRP> PasswordManager::get_input_check_password(
|
||||||
@ -84,6 +89,7 @@ tl_object_ptr<telegram_api::InputCheckPasswordSRP> PasswordManager::get_input_ch
|
|||||||
return make_tl_object<telegram_api::inputCheckPasswordEmpty>();
|
return make_tl_object<telegram_api::inputCheckPasswordEmpty>();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
LOG(INFO) << "Begin input password SRP hash calculation";
|
||||||
BigNum g_bn;
|
BigNum g_bn;
|
||||||
g_bn.set_value(g);
|
g_bn.set_value(g);
|
||||||
auto g_padded = g_bn.to_binary(256);
|
auto g_padded = g_bn.to_binary(256);
|
||||||
@ -130,6 +136,7 @@ tl_object_ptr<telegram_api::InputCheckPasswordSRP> PasswordManager::get_input_ch
|
|||||||
}
|
}
|
||||||
auto M = sha256(PSLICE() << h1 << sha256(client_salt) << sha256(server_salt) << A << B << K);
|
auto M = sha256(PSLICE() << h1 << sha256(client_salt) << sha256(server_salt) << A << B << K);
|
||||||
|
|
||||||
|
LOG(INFO) << "End input password SRP hash calculation";
|
||||||
return make_tl_object<telegram_api::inputCheckPasswordSRP>(id, BufferSlice(A), BufferSlice(M));
|
return make_tl_object<telegram_api::inputCheckPasswordSRP>(id, BufferSlice(A), BufferSlice(M));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -157,6 +164,7 @@ void PasswordManager::set_password(string current_password, string new_password,
|
|||||||
|
|
||||||
update_password_settings(std::move(update_settings), std::move(promise));
|
update_password_settings(std::move(update_settings), std::move(promise));
|
||||||
}
|
}
|
||||||
|
|
||||||
void PasswordManager::set_recovery_email_address(string password, string new_recovery_email_address,
|
void PasswordManager::set_recovery_email_address(string password, string new_recovery_email_address,
|
||||||
Promise<State> promise) {
|
Promise<State> promise) {
|
||||||
UpdateSettings update_settings;
|
UpdateSettings update_settings;
|
||||||
@ -469,8 +477,20 @@ static BufferSlice create_salt(Slice salt_prefix) {
|
|||||||
|
|
||||||
void PasswordManager::do_update_password_settings(UpdateSettings update_settings, PasswordFullState full_state,
|
void PasswordManager::do_update_password_settings(UpdateSettings update_settings, PasswordFullState full_state,
|
||||||
Promise<bool> promise) {
|
Promise<bool> promise) {
|
||||||
auto state = std::move(full_state.state);
|
// PasswordState has already been used to get PasswordPrivateState and need to be reget
|
||||||
auto private_state = std::move(full_state.private_state);
|
do_get_state(PromiseCreator::lambda([actor_id = actor_id(this), update_settings = std::move(update_settings),
|
||||||
|
private_state = std::move(full_state.private_state),
|
||||||
|
promise = std::move(promise)](Result<PasswordState> r_state) mutable {
|
||||||
|
if (r_state.is_error()) {
|
||||||
|
return promise.set_error(r_state.move_as_error());
|
||||||
|
}
|
||||||
|
send_closure(actor_id, &PasswordManager::do_update_password_settings_impl, std::move(update_settings),
|
||||||
|
r_state.move_as_ok(), std::move(private_state), std::move(promise));
|
||||||
|
}));
|
||||||
|
}
|
||||||
|
|
||||||
|
void PasswordManager::do_update_password_settings_impl(UpdateSettings update_settings, PasswordState state,
|
||||||
|
PasswordPrivateState private_state, Promise<bool> promise) {
|
||||||
auto new_settings = make_tl_object<telegram_api::account_passwordInputSettings>();
|
auto new_settings = make_tl_object<telegram_api::account_passwordInputSettings>();
|
||||||
if (update_settings.update_password) {
|
if (update_settings.update_password) {
|
||||||
new_settings->flags_ |= telegram_api::account_passwordInputSettings::NEW_PASSWORD_HASH_MASK;
|
new_settings->flags_ |= telegram_api::account_passwordInputSettings::NEW_PASSWORD_HASH_MASK;
|
||||||
|
@ -158,6 +158,8 @@ class PasswordManager : public NetQueryCallback {
|
|||||||
|
|
||||||
void update_password_settings(UpdateSettings update_settings, Promise<State> promise);
|
void update_password_settings(UpdateSettings update_settings, Promise<State> promise);
|
||||||
void do_update_password_settings(UpdateSettings update_settings, PasswordFullState full_state, Promise<bool> promise);
|
void do_update_password_settings(UpdateSettings update_settings, PasswordFullState full_state, Promise<bool> promise);
|
||||||
|
void do_update_password_settings_impl(UpdateSettings update_settings, PasswordState state,
|
||||||
|
PasswordPrivateState private_state, Promise<bool> promise);
|
||||||
void do_get_state(Promise<PasswordState> promise);
|
void do_get_state(Promise<PasswordState> promise);
|
||||||
void get_full_state(string password, Promise<PasswordFullState> promise);
|
void get_full_state(string password, Promise<PasswordFullState> promise);
|
||||||
void do_get_secure_secret(bool recursive, string passwod, optional<int64>, Promise<secure_storage::Secret> promise);
|
void do_get_secure_secret(bool recursive, string passwod, optional<int64>, Promise<secure_storage::Secret> promise);
|
||||||
|
Reference in New Issue
Block a user