From f44fdb8eeb46aa8c01402bc096a1da7c04cdf1cf Mon Sep 17 00:00:00 2001 From: Christien Rioux Date: Sun, 9 Jul 2023 13:55:53 -0400 Subject: [PATCH] account work --- lib/entities/local_account.dart | 2 ++ lib/state/local_account_manager.dart | 25 +++++++++++++++++++++++-- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/lib/entities/local_account.dart b/lib/entities/local_account.dart index 6f81590..9aee585 100644 --- a/lib/entities/local_account.dart +++ b/lib/entities/local_account.dart @@ -38,6 +38,8 @@ class LocalAccount with _$LocalAccount { required IdentityMaster identityMaster, // The encrypted identity secret that goes with the identityPublicKey @Uint8ListJsonConverter() required Uint8List identitySecretKeyBytes, + // The salt for the identity secret key encryption + @Uint8ListJsonConverter() required Uint8List identitySecretSaltBytes, // The kind of encryption input used on the account required EncryptionKeyType encryptionKeyType, // If account is not hidden, password can be retrieved via diff --git a/lib/state/local_account_manager.dart b/lib/state/local_account_manager.dart index 2b8cc48..32c8d05 100644 --- a/lib/state/local_account_manager.dart +++ b/lib/state/local_account_manager.dart @@ -80,6 +80,12 @@ class LocalAccountManager { Uint8List.fromList(utf8.encode(jsonEncode(identityMaster))); await dhtctx.setDHTValue(masterRecordKey, 0, identityMasterBytes); + // Write empty identity to account map + const identity = Identity(accountKeyPairs: {}); + final identityBytes = + Uint8List.fromList(utf8.encode(jsonEncode(identity))); + await dhtctx.setDHTValue(identityRecordKey, 0, identityBytes); + return IdentityMasterWithSecrets( identityMaster: identityMaster, masterSecret: masterSecret, @@ -91,6 +97,7 @@ class LocalAccountManager { if (identityRec != null) { await dhtctx.deleteDHTRecord(identityRec.key); } + rethrow; } } 
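Review bot: The comment on `identitySecretSaltBytes` understates what the field holds. In `local_account_manager.dart` the same bytes come from `cs.randomNonce()` and serve as both the key-derivation salt and the cipher nonce, and no separate nonce is stored. I would say so here, e.g. `// Salt for deriving the key from the encryption key; also the nonce used to encrypt identitySecretKeyBytes`, so the decrypt path knows to rebuild the nonce from it. Because the field is `required`, any `LocalAccount` JSON persisted before this commit would presumably fail to deserialize; if such data can exist, a migration or a nullable field is needed. The class body continues outside the hunk.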
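Review bot: The added `rethrow` is only reached if the cleanup before it succeeds. `await dhtctx.deleteDHTRecord(identityRec.key)` sits directly ahead of it in the same catch block, so an exception from that delete replaces the original error. Wrapping each delete in its own `try`/`catch` that logs and continues would keep the original failure as the one propagated and make sure every record gets a deletion attempt. The start of the catch block is outside the hunk, so any earlier cleanup there is assumed to follow the same pattern.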
@@ -100,15 +107,29 @@ class LocalAccountManager { SecretKey identitySecret, EncryptionKeyType encryptionKeyType, String encryptionKey) async { - // + // Encrypt identitySecret with key + final cs = await Veilid.instance.bestCryptoSystem(); + final ekbytes = Uint8List.fromList(utf8.encode(encryptionKey)); + final nonce = await cs.randomNonce(); + final eksalt = nonce.decode(); + SharedSecret sharedSecret = await cs.deriveSharedSecret(ekbytes, eksalt); + final identitySecretBytes = + await cs.cryptNoAuth(identitySecret.decode(), nonce, sharedSecret); - return LocalAccount( + // Create local account object + final localAccount = LocalAccount( identityMaster: identityMaster, identitySecretKeyBytes: identitySecretBytes, + identitySecretSaltBytes: eksalt, encryptionKeyType: encryptionKeyType, biometricsEnabled: false, hiddenAccount: false, ); + + // Push + + // Return local account object + return localAccount; } }
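Review bot: `cs.cryptNoAuth(...)` encrypts the identity secret without an authentication tag, so a modified or corrupted `identitySecretKeyBytes`, or a wrong `encryptionKey` at unlock time, decrypts to garbage bytes instead of failing. For a long-lived secret at rest the authenticated call is the better fit, e.g. `await cs.encryptAead(identitySecret.decode(), nonce, sharedSecret, null)` (argument list to be confirmed against the Veilid binding in use), with the matching AEAD decrypt on the unlock path. The value from `randomNonce()` is also reused as the derivation salt via `nonce.decode()`; that is workable because each account gets a fresh value, but it deserves a comment such as `// nonce doubles as the KDF salt; stored as identitySecretSaltBytes`. `encryptionKeyType` is not consulted before the key is derived, so the hunk does not show whether an account type meant to be unprotected should skip this step. The function's signature begins outside the hunk.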