remote signing info encrypt and decrypt

lib/data/remote_signing_info_db.dart

@@ -1,27 +1,49 @@
 import 'package:nowser/data/remote_signing_info.dart';
 
 import 'package:sqflite/sqflite.dart';
+import 'package:nostr_sdk/utils/encrypt_util.dart';
 import 'db.dart';
 
 class RemoteSigningInfoDB {
-  static Future<int> insert(RemoteSigningInfo o, {DatabaseExecutor? db}) async {
-    db = await DB.getDB(db);
-    return await db.insert("remote_signing_info", o.toJson());
+  static Future<Map<String, dynamic>> _toJsonWithEncrypt(
+      RemoteSigningInfo o, String encryptKey) async {
+    var iv = "${o.updatedAt}000000";
+    var json = o.toJson();
+    json["secret"] =
+        await EncryptUtil.aesEncrypt(json["secret"]!, encryptKey, iv);
+    return json;
   }
 
-  static Future<RemoteSigningInfo?> getByAppId(int appId,
+  static Future<RemoteSigningInfo> _fromJsonWithDecrypt(
+      Map<String, dynamic> json, String encryptKey) async {
+    var iv = "${json["updated_at"]}000000";
+    var signingInfo = RemoteSigningInfo.fromJson(json);
+    signingInfo.secret =
+        await EncryptUtil.aesDecrypt(json["secret"]!, encryptKey, iv);
+    return signingInfo;
+  }
+
+  static Future<int> insert(RemoteSigningInfo o, String encryptKey,
+      {DatabaseExecutor? db}) async {
+    db = await DB.getDB(db);
+    return await db.insert(
+        "remote_signing_info", await _toJsonWithEncrypt(o, encryptKey));
+  }
+
+  static Future<RemoteSigningInfo?> getByAppId(int appId, String encryptKey,
       {DatabaseExecutor? db}) async {
     db = await DB.getDB(db);
     List<Map<String, dynamic>> list = await db.rawQuery(
         "select * from remote_signing_info where app_id = ?", [appId]);
     if (list.isNotEmpty) {
-      return RemoteSigningInfo.fromJson(list.first);
+      return await _fromJsonWithDecrypt(list.first, encryptKey);
     }
 
     return null;
   }
 
   static Future<List<RemoteSigningInfo>> penddingRemoteSigningInfo(
+      String encryptKey,
       {DatabaseExecutor? db}) async {
     List<RemoteSigningInfo> objs = [];
 
@@ -34,15 +56,21 @@ class RemoteSigningInfoDB {
         [since]);
     for (var i = 0; i < list.length; i++) {
       var json = list[i];
-      objs.add(RemoteSigningInfo.fromJson(json));
+      try {
+        objs.add(await _fromJsonWithDecrypt(json, encryptKey));
+      } catch (e) {
+        print("RemoteSigningInfoDB penddingRemoteSigningInfo error: $e");
+      }
     }
 
     return objs;
   }
 
-  static Future<int> update(RemoteSigningInfo o, {DatabaseExecutor? db}) async {
+  static Future<int> update(RemoteSigningInfo o, String encryptKey,
+      {DatabaseExecutor? db}) async {
     db = await DB.getDB(db);
-    return await db.update("remote_signing_info", o.toJson(),
+    return await db.update(
+        "remote_signing_info", await _toJsonWithEncrypt(o, encryptKey),
         where: "id = ?", whereArgs: [o.id]);
   }
 }

lib/main.dart

@@ -144,18 +144,20 @@ Future<void> doInit() async {
   keyProvider = KeyProvider();
   appProvider = AppProvider();
   buildInRelayProvider = BuildInRelayProvider();
+  remoteSigningProvider = RemoteSigningProvider();
 
   var dataUtilTask = DataUtil.getInstance();
   var keyTask = keyProvider.init();
   var dbTask = DB.getCurrentDatabase();
-  var dataFutureResultList = await Future.wait([dataUtilTask, keyTask, dbTask]);
+  var remoteSigningInitTask = remoteSigningProvider.init();
+  var dataFutureResultList =
+      await Future.wait([dataUtilTask, keyTask, dbTask, remoteSigningInitTask]);
 
   var settingTask = SettingProvider.getInstance();
   var appTask = appProvider.reload();
   var futureResultList = await Future.wait([settingTask, appTask]);
   settingProvider = futureResultList[0] as SettingProvider;
   webProvider = WebProvider();
-  remoteSigningProvider = RemoteSigningProvider();
   downloadProvider = DownloadProvider();
   await downloadProvider.init();
 }

lib/provider/remote_signing_provider.dart

@@ -2,6 +2,7 @@ import 'dart:convert';
 import 'dart:developer';
 
 import 'package:flutter/material.dart';
+import 'package:flutter_secure_storage/flutter_secure_storage.dart';
 import 'package:nostr_sdk/client_utils/keys.dart';
 import 'package:nostr_sdk/event.dart';
 import 'package:nostr_sdk/event_kind.dart';
@@ -13,6 +14,7 @@ import 'package:nostr_sdk/relay/relay_isolate.dart';
 import 'package:nostr_sdk/relay/relay_status.dart';
 import 'package:nostr_sdk/signer/local_nostr_signer.dart';
 import 'package:nostr_sdk/signer/nostr_signer.dart';
+import 'package:nostr_sdk/utils/hash_util.dart';
 import 'package:nostr_sdk/utils/string_util.dart';
 import 'package:nowser/const/app_type.dart';
 import 'package:nowser/const/auth_type.dart';
@@ -42,6 +44,10 @@ class RemoteSigningProvider extends ChangeNotifier with PermissionCheckMixin {
   // remoteSignerPubkey - App
   Map<String, App> appMap = {};
 
+  Future<void> init() async {
+    encryptKey = await getOrGenEncryptKey();
+  }
+
   Future<void> reload() async {
     relayMap = {};
     remoteSigningInfoMap = {};
@@ -50,15 +56,30 @@ class RemoteSigningProvider extends ChangeNotifier with PermissionCheckMixin {
     load();
   }
 
+  var encryptKey = "";
+
   Future<void> load() async {
     var remoteAppList = appProvider.remoteAppList();
     for (var remoteApp in remoteAppList) {
-      await addRemoteApp(remoteApp);
+      await addRemoteApp(remoteApp, encryptKey);
     }
   }
 
-  Future<void> addRemoteApp(App remoteApp) async {
-    var remoteSigningInfo = await RemoteSigningInfoDB.getByAppId(remoteApp.id!);
+  static const String KEY_NAME = "remoteKey";
+
+  Future<String> getOrGenEncryptKey() async {
+    const storage = FlutterSecureStorage();
+    var str = await storage.read(key: KEY_NAME);
+    if (StringUtil.isBlank(str)) {
+      str = HashUtil.md5(StringUtil.rndNameStr(10));
+      await storage.write(key: KEY_NAME, value: str);
+    }
+    return str!;
+  }
+
+  Future<void> addRemoteApp(App remoteApp, String encryptKey) async {
+    var remoteSigningInfo =
+        await RemoteSigningInfoDB.getByAppId(remoteApp.id!, encryptKey);
     if (remoteSigningInfo != null &&
         StringUtil.isNotBlank(remoteSigningInfo.remoteSignerKey) &&
         StringUtil.isNotBlank(remoteSigningInfo.remotePubkey) &&
@@ -154,7 +175,7 @@ class RemoteSigningProvider extends ChangeNotifier with PermissionCheckMixin {
               remoteSigningInfo.updatedAt =
                   DateTime.now().millisecondsSinceEpoch ~/ 1000;
 
-              RemoteSigningInfoDB.update(remoteSigningInfo);
+              RemoteSigningInfoDB.update(remoteSigningInfo, encryptKey);
               remoteSigningInfoMap[remoteSignerPubkey] = remoteSigningInfo;
               appMap[remoteSignerPubkey] = app;
 
@@ -385,13 +406,13 @@ class RemoteSigningProvider extends ChangeNotifier with PermissionCheckMixin {
 
   Future<void> saveRemoteSigningInfo(
       RemoteSigningInfo remoteSigningInfo) async {
-    await RemoteSigningInfoDB.insert(remoteSigningInfo);
+    await RemoteSigningInfoDB.insert(remoteSigningInfo, encryptKey);
     await reloadPenddingRemoteApps();
     notifyListeners();
   }
 
   Future<void> reloadPenddingRemoteApps() async {
-    var list = await RemoteSigningInfoDB.penddingRemoteSigningInfo();
+    var list = await RemoteSigningInfoDB.penddingRemoteSigningInfo(encryptKey);
     _penddingRemoteApps = list;
     notifyListeners();