account work

2024-10-01 06:55:46 -04:00 · 2023-07-09 13:55:53 -04:00 · 2023-07-09 13:55:53 -04:00 · f44fdb8eeb
commit f44fdb8eeb
parent 0aa586a29c
2 changed files with 25 additions and 2 deletions
--- a/lib/entities/local_account.dart
+++ b/lib/entities/local_account.dart
@ -38,6 +38,8 @@ class LocalAccount with _$LocalAccount {
    required IdentityMaster identityMaster,
    // The encrypted identity secret that goes with the identityPublicKey
    @Uint8ListJsonConverter() required Uint8List identitySecretKeyBytes,
+    // The salt for the identity secret key encryption
+    @Uint8ListJsonConverter() required Uint8List identitySecretSaltBytes,
    // The kind of encryption input used on the account
    required EncryptionKeyType encryptionKeyType,
    // If account is not hidden, password can be retrieved via
--- a/lib/state/local_account_manager.dart
+++ b/lib/state/local_account_manager.dart
@ -80,6 +80,12 @@ class LocalAccountManager {
          Uint8List.fromList(utf8.encode(jsonEncode(identityMaster)));
      await dhtctx.setDHTValue(masterRecordKey, 0, identityMasterBytes);

+      // Write empty identity to account map
+      const identity = Identity(accountKeyPairs: {});
+      final identityBytes =
+          Uint8List.fromList(utf8.encode(jsonEncode(identity)));
+      await dhtctx.setDHTValue(identityRecordKey, 0, identityBytes);
+
      return IdentityMasterWithSecrets(
          identityMaster: identityMaster,
          masterSecret: masterSecret,
@ -91,6 +97,7 @@ class LocalAccountManager {
      if (identityRec != null) {
        await dhtctx.deleteDHTRecord(identityRec.key);
      }
+      rethrow;
    }
  }

@ -100,15 +107,29 @@ class LocalAccountManager {
      SecretKey identitySecret,
      EncryptionKeyType encryptionKeyType,
      String encryptionKey) async {
-    //
+    // Encrypt identitySecret with key
+    final cs = await Veilid.instance.bestCryptoSystem();
+    final ekbytes = Uint8List.fromList(utf8.encode(encryptionKey));
+    final nonce = await cs.randomNonce();
+    final eksalt = nonce.decode();
+    SharedSecret sharedSecret = await cs.deriveSharedSecret(ekbytes, eksalt);
+    final identitySecretBytes =
+        await cs.cryptNoAuth(identitySecret.decode(), nonce, sharedSecret);

-    return LocalAccount(
+    // Create local account object
+    final localAccount = LocalAccount(
      identityMaster: identityMaster,
      identitySecretKeyBytes: identitySecretBytes,
+      identitySecretSaltBytes: eksalt,
      encryptionKeyType: encryptionKeyType,
      biometricsEnabled: false,
      hiddenAccount: false,
    );
+
+    // Push
+
+    // Return local account object
+    return localAccount;
  }
 }