Merge branch 'master' into encrypt-pin

debug/db.go

@@ -32,10 +32,18 @@ func (k KeyInfo) String() string {
 
 func ToKeyInfo(k []byte, sessionId string) (KeyInfo, error) {
 	o := KeyInfo{}
-	
+	b := []byte(sessionId)
+
+	if len(k) <= len(b) {
+		return o, fmt.Errorf("storage key missing")
+	}
+
 	o.SessionId = sessionId
+
 	o.Typ = uint8(k[0])
 	k = k[1:]
+	o.SessionId = string(k[:len(b)])
+	k = k[len(b):]
 
 	if o.Typ == visedb.DATATYPE_USERDATA {
 		if len(k) == 0 {
@@ -45,18 +53,28 @@ func ToKeyInfo(k []byte, sessionId string) (KeyInfo, error) {
 		o.SubTyp = storedb.DataTyp(v)
 		o.Label = subTypToString(o.SubTyp)
 		k = k[2:]
-		if len(k) != 0 {
-			return o, fmt.Errorf("excess key information: %x", k)
-		}
 	} else {
 		o.Label = typToString(o.Typ)
-		k = k[2:]
 	}
 
-	
+	if len(k) != 0 {
+		return o, fmt.Errorf("excess key information")
+	}
+
 	return o, nil
 }
 
+func FromKey(k []byte) (KeyInfo, error) {
+	o := KeyInfo{}
+
+	if len(k) < 4 {
+		return o, fmt.Errorf("insufficient key length")
+	}
+
+	sessionIdBytes := k[1:len(k)-2]
+	return ToKeyInfo(k, string(sessionIdBytes))
+}
+
 func subTypToString(v storedb.DataTyp) string {
 	return dbTypStr[v + visedb.DATATYPE_USERDATA + 1]
 }

debug/db_debug.go

@@ -29,9 +29,6 @@ func init() {
 	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_PUBLIC_KEY_REVERSE] = "public_key_reverse"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_ACTIVE_DECIMAL] = "active decimal"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_ACTIVE_ADDRESS] = "active address"
-	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_INCORRECT_PIN_ATTEMPTS] = "incorrect pin attempts"
-	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_SELECTED_LANGUAGE_CODE] = "selected language"
-	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_INITIAL_LANGUAGE_CODE] = "initial language"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_VOUCHER_SYMBOLS] = "voucher symbols"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_VOUCHER_BALANCES] = "voucher balances"
 	dbTypStr[db.DATATYPE_USERDATA + 1 + storedb.DATA_VOUCHER_DECIMALS] = "voucher decimals"

debug/db_test.go

@@ -10,6 +10,7 @@ import (
 func TestDebugDbSubKeyInfo(t *testing.T) {
 	s := "foo"
 	b := []byte{0x20}
+	b = append(b, []byte(s)...)
 	b = append(b, []byte{0x00, 0x02}...)
 	r, err := ToKeyInfo(b, s)
 	if err != nil {
@@ -55,6 +56,7 @@ func TestDebugDbKeyInfo(t *testing.T) {
 func TestDebugDbKeyInfoRestore(t *testing.T) {
 	s := "bar"
 	b := []byte{visedb.DATATYPE_USERDATA}
+	b = append(b, []byte(s)...)
 	k := storedb.ToBytes(storedb.DATA_ACTIVE_SYM)
 	b = append(b, k...)
 

devtools/store/dump/main.go

@@ -19,13 +19,12 @@ var (
 	scriptDir = path.Join("services", "registration")
 )
 
-func formatItem(k []byte, v []byte, sessionId string) (string, error) {
+func formatItem(k []byte, v []byte) (string, error) {
-	o, err := debug.ToKeyInfo(k, sessionId)
+	o, err := debug.FromKey(k)
 	if err != nil {
 		return "", err
 	}
-	s := fmt.Sprintf("%v\t%v\n", o.Label, string(v))
+	s := fmt.Sprintf("%vValue: %v\n\n", o, string(v))
-
 	return s, nil
 }
 
@@ -37,19 +36,18 @@ func main() {
 	var database string
 	var engineDebug bool
 	var err error
-	var first bool
 
 	flag.StringVar(&sessionId, "session-id", "075xx2123", "session id")
-	flag.StringVar(&connStr, "c", "", "connection string")
+	flag.StringVar(&connStr, "c", ".state", "connection string")
 	flag.BoolVar(&engineDebug, "d", false, "use engine debug output")
 	flag.Parse()
 
-	if connStr == "" {
+	if connStr != "" {
 		connStr = config.DbConn()
 	}
 	connData, err := storage.ToConnData(connStr)
 	if err != nil {
-		fmt.Fprintf(os.Stderr, "connstr err: %v\n", err)
+		fmt.Fprintf(os.Stderr, "connstr err: %v", err)
 		os.Exit(1)
 	}
 
@@ -67,10 +65,9 @@ func main() {
 		fmt.Fprintf(os.Stderr, "get userdata db: %v\n", err.Error())
 		os.Exit(1)
 	}
-	store.SetSession(sessionId)
 	store.SetPrefix(db.DATATYPE_USERDATA)
 
-	d, err := store.Dump(ctx, []byte(""))
+	d, err := store.Dump(ctx, []byte(sessionId))
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "store dump fail: %v\n", err.Error())
 		os.Exit(1)
@@ -81,13 +78,9 @@ func main() {
 		if k == nil {
 			break
 		}
-		if !first {
+		r, err := formatItem(k, v)
-			fmt.Printf("Session ID: %s\n---\n", sessionId)
-			first = true
-		}
-		r, err := formatItem(append([]byte{db.DATATYPE_USERDATA}, k...), v, sessionId)
 		if err != nil {
-			fmt.Fprintf(os.Stderr, "format db item error: %v\n", err)
+			fmt.Fprintf(os.Stderr, "format db item error: %v", err)
 			os.Exit(1)
 		}
 		fmt.Printf(r)

devtools/store/generate/main.go

@@ -0,0 +1,86 @@
+package main
+
+import (
+	"context"
+	"crypto/sha1"
+	"flag"
+	"fmt"
+	"os"
+	"path"
+
+	testdataloader "github.com/peteole/testdata-loader"
+	"git.defalsify.org/vise.git/logging"
+	"git.grassecon.net/grassrootseconomics/sarafu-vise/config"
+	"git.grassecon.net/grassrootseconomics/visedriver/storage"
+	"git.grassecon.net/grassrootseconomics/sarafu-vise/store"
+	storedb "git.grassecon.net/grassrootseconomics/sarafu-vise/store/db"
+)
+
+var (
+	logg      = logging.NewVanilla()
+	baseDir   = testdataloader.GetBasePath()
+	scriptDir = path.Join("services", "registration")
+)
+
+func main() {
+	config.LoadConfig()
+
+	var connStr string
+	var sessionId string
+	var database string
+	var engineDebug bool
+	var err error
+
+	flag.StringVar(&sessionId, "session-id", "075xx2123", "session id")
+	flag.StringVar(&connStr, "c", "", "connection string")
+	flag.BoolVar(&engineDebug, "d", false, "use engine debug output")
+	flag.Parse()
+
+	if connStr != "" {
+		connStr = config.DbConn()
+	}
+	connData, err := storage.ToConnData(connStr)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "connstr err: %v", err)
+		os.Exit(1)
+	}
+
+	logg.Infof("start command", "conn", connData)
+
+	ctx := context.Background()
+	ctx = context.WithValue(ctx, "SessionId", sessionId)
+	ctx = context.WithValue(ctx, "Database", database)
+
+	resourceDir := scriptDir
+	menuStorageService := storage.NewMenuStorageService(connData, resourceDir)
+	
+	userDb, err := menuStorageService.GetUserdataDb(ctx)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, err.Error())
+		os.Exit(1)
+	}
+	userStore := store.UserDataStore{userDb}
+
+	h := sha1.New()
+	h.Write([]byte(sessionId))
+	address := h.Sum(nil)
+	addressString := fmt.Sprintf("%x", address)
+
+	err = userStore.WriteEntry(ctx, sessionId, storedb.DATA_PUBLIC_KEY, []byte(addressString))
+	if err != nil {
+		fmt.Fprintf(os.Stderr, err.Error())
+		os.Exit(1)
+	}
+
+	err = userStore.WriteEntry(ctx, addressString, storedb.DATA_PUBLIC_KEY_REVERSE, []byte(sessionId))
+	if err != nil {
+		fmt.Fprintf(os.Stderr, err.Error())
+		os.Exit(1)
+	}
+
+	err = userDb.Close()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, err.Error())
+		os.Exit(1)
+	}
+}

go.mod

@@ -3,7 +3,7 @@ module git.grassecon.net/grassrootseconomics/sarafu-vise
 go 1.23.4
 
 require (
-	git.defalsify.org/vise.git v0.2.3-0.20250118155735-c1256156ed8b
+	git.defalsify.org/vise.git v0.2.3-0.20250115000535-e2d329b3f739
 	git.grassecon.net/grassrootseconomics/common v0.0.0-20250113174703-6afccefd1f05
 	git.grassecon.net/grassrootseconomics/sarafu-api v0.0.0-20250115072214-bca7c5de969f
 	git.grassecon.net/grassrootseconomics/visedriver v0.8.0-beta.10.0.20250115003256-c0534ede1b63

go.sum

@@ -1,5 +1,5 @@
-git.defalsify.org/vise.git v0.2.3-0.20250118155735-c1256156ed8b h1:ac6OThj6nqQb3TUyXHqv/vQOQUQZ98XKpYTBHZFbxUI=
+git.defalsify.org/vise.git v0.2.3-0.20250115000535-e2d329b3f739 h1:w7pj1oh7jXrfajahVYU7m7AfHst4C6jNVzDVoaqJ7e8=
-git.defalsify.org/vise.git v0.2.3-0.20250118155735-c1256156ed8b/go.mod h1:jyBMe1qTYUz3mmuoC9JQ/TvFeW0vTanCUcPu3H8p4Ck=
+git.defalsify.org/vise.git v0.2.3-0.20250115000535-e2d329b3f739/go.mod h1:jyBMe1qTYUz3mmuoC9JQ/TvFeW0vTanCUcPu3H8p4Ck=
 git.grassecon.net/grassrootseconomics/common v0.0.0-20250113174703-6afccefd1f05 h1:BenzGx6aDHKDwE23/mWIFD2InYIXyzHroZWV3MF5WUk=
 git.grassecon.net/grassrootseconomics/common v0.0.0-20250113174703-6afccefd1f05/go.mod h1:wgQJZGIS6QuNLHqDhcsvehsbn5PvgV7aziRebMnJi60=
 git.grassecon.net/grassrootseconomics/sarafu-api v0.0.0-20250115072214-bca7c5de969f h1:FgccQi8vipX6dUt+GRiRDYHMR3UqC+plz73vw7y3fyU=

handlers/application/menuhandler_test.go

@@ -1223,13 +1223,20 @@ func TestVerifyCreatePin(t *testing.T) {
 		},
 	}
 
+	// Hash the correct PIN
+	hashedPIN, err := pin.HashPIN("1234")
+	if err != nil {
+		logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
+		t.Fatal(err)
+	}
+
+	err = store.WriteEntry(ctx, sessionId, storedb.DATA_TEMPORARY_VALUE, []byte(hashedPIN))
+	if err != nil {
+		t.Fatal(err)
+	}
+
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			err = store.WriteEntry(ctx, sessionId, storedb.DATA_TEMPORARY_VALUE, []byte("1234"))
-			if err != nil {
-				t.Fatal(err)
-			}
-
 			// Call the method under test
 			res, err := h.VerifyCreatePin(ctx, "verify_create_pin", []byte(tt.input))
 
@@ -1908,13 +1915,13 @@ func TestConfirmPin(t *testing.T) {
 	tests := []struct {
 		name           string
 		input          []byte
-		temporarypin   []byte
+		temporarypin   string
 		expectedResult resource.Result
 	}{
 		{
 			name:         "Test with correct pin confirmation",
 			input:        []byte("1234"),
-			temporarypin: []byte("1234"),
+			temporarypin: "1234",
 			expectedResult: resource.Result{
 				FlagReset: []uint32{flag_pin_mismatch},
 			},
@@ -1922,14 +1929,21 @@ func TestConfirmPin(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
+			// Hash the PIN
+			hashedPIN, err := pin.HashPIN(tt.temporarypin)
+			if err != nil {
+				logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
+				t.Fatal(err)
+			}
+
 			// Set up the expected behavior of the mock
-			err := store.WriteEntry(ctx, sessionId, storedb.DATA_TEMPORARY_VALUE, []byte(tt.temporarypin))
+			err = store.WriteEntry(ctx, sessionId, storedb.DATA_TEMPORARY_VALUE, []byte(hashedPIN))
 			if err != nil {
 				t.Fatal(err)
 			}
 
 			//Call the function under test
-			res, _ := h.ConfirmPinChange(ctx, "confirm_pin_change", tt.temporarypin)
+			res, _ := h.ConfirmPinChange(ctx, "confirm_pin_change", tt.input)
 
 			//Assert that the result set to content is what was expected
 			assert.Equal(t, res, tt.expectedResult, "Result should contain flags set according to user input")

services/registration/send.vis

@@ -3,7 +3,7 @@ RELOAD transaction_reset
 CATCH no_voucher flag_no_active_voucher 1
 MOUT back 0
 HALT
-LOAD validate_recipient 20
+LOAD validate_recipient 50
 RELOAD validate_recipient
 CATCH invalid_recipient flag_invalid_recipient 1
 CATCH invite_recipient flag_invalid_recipient_with_invite 1