From e0f0dcea2704c5b6863bf184dc3f7d06f7f2d37f Mon Sep 17 00:00:00 2001
From: Benjamin Wenger <ben@elixxir.ioo>
Date: Fri, 19 Feb 2021 15:12:01 -0800
Subject: [PATCH] fixed the handling of the ownership proof when recieving a
 request after having already sent one

---
 auth/callback.go | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/auth/callback.go b/auth/callback.go
index 9fbe3bd24..19a260af5 100644
--- a/auth/callback.go
+++ b/auth/callback.go
@@ -144,7 +144,7 @@ func (m *Manager) handleRequest(cmixMsg format.Message,
 			// then exit, nothing else needed
 			case auth.Sent:
 				// do the confirmation
-				if err := m.doConfirm(sr2, grp, partnerPubKey,
+				if err := m.doConfirm(sr2, grp, partnerPubKey, myPubKey,
 					ecrFmt.GetOwnership()); err != nil {
 					jww.WARN.Printf("Confirmation failed: %s", err)
 				}
@@ -232,7 +232,8 @@ func (m *Manager) handleConfirm(cmixMsg format.Message, sr *auth.SentRequest,
 	}
 
 	// finalize the confirmation
-	if err := m.doConfirm(sr, grp, partnerPubKey, ecrFmt.GetOwnership()); err != nil {
+	if err := m.doConfirm(sr, grp, partnerPubKey, sr.GetPartnerHistoricalPubKey(),
+		ecrFmt.GetOwnership()); err != nil {
 		jww.WARN.Printf("Confirmation failed: %s", err)
 		m.storage.Auth().Fail(sr.GetPartner())
 		return
@@ -240,10 +241,10 @@ func (m *Manager) handleConfirm(cmixMsg format.Message, sr *auth.SentRequest,
 }
 
 func (m *Manager) doConfirm(sr *auth.SentRequest, grp *cyclic.Group,
-	partnerPubKey *cyclic.Int, ownershipProof []byte) error {
+	partnerPubKey, myPubKeyOwnershipProof *cyclic.Int, ownershipProof []byte) error {
 	// verify the message came from the intended recipient
 	if !cAuth.VerifyOwnershipProof(sr.GetMyPrivKey(),
-		sr.GetPartnerHistoricalPubKey(), grp, ownershipProof) {
+		myPubKeyOwnershipProof, grp, ownershipProof) {
 		return errors.Errorf("Failed authenticate identity for auth "+
 			"confirmation of %s", sr.GetPartner())
 	}
-- 
GitLab