diff --git a/lib/data/remote_signing_info_db.dart b/lib/data/remote_signing_info_db.dart index c49b727..06b5836 100644 --- a/lib/data/remote_signing_info_db.dart +++ b/lib/data/remote_signing_info_db.dart @@ -1,27 +1,49 @@ import 'package:nowser/data/remote_signing_info.dart'; import 'package:sqflite/sqflite.dart'; +import 'package:nostr_sdk/utils/encrypt_util.dart'; import 'db.dart'; class RemoteSigningInfoDB { - static Future insert(RemoteSigningInfo o, {DatabaseExecutor? db}) async { - db = await DB.getDB(db); - return await db.insert("remote_signing_info", o.toJson()); + static Future> _toJsonWithEncrypt( + RemoteSigningInfo o, String encryptKey) async { + var iv = "${o.updatedAt}000000"; + var json = o.toJson(); + json["secret"] = + await EncryptUtil.aesEncrypt(json["secret"]!, encryptKey, iv); + return json; } - static Future getByAppId(int appId, + static Future _fromJsonWithDecrypt( + Map json, String encryptKey) async { + var iv = "${json["updated_at"]}000000"; + var signingInfo = RemoteSigningInfo.fromJson(json); + signingInfo.secret = + await EncryptUtil.aesDecrypt(json["secret"]!, encryptKey, iv); + return signingInfo; + } + + static Future insert(RemoteSigningInfo o, String encryptKey, + {DatabaseExecutor? db}) async { + db = await DB.getDB(db); + return await db.insert( + "remote_signing_info", await _toJsonWithEncrypt(o, encryptKey)); + } + + static Future getByAppId(int appId, String encryptKey, {DatabaseExecutor? db}) async { db = await DB.getDB(db); List> list = await db.rawQuery( "select * from remote_signing_info where app_id = ?", [appId]); if (list.isNotEmpty) { - return RemoteSigningInfo.fromJson(list.first); + return await _fromJsonWithDecrypt(list.first, encryptKey); } return null; } static Future> penddingRemoteSigningInfo( + String encryptKey, {DatabaseExecutor? db}) async { List objs = []; @@ -34,15 +56,21 @@ class RemoteSigningInfoDB { [since]); for (var i = 0; i < list.length; i++) { var json = list[i]; - objs.add(RemoteSigningInfo.fromJson(json)); + try { + objs.add(await _fromJsonWithDecrypt(json, encryptKey)); + } catch (e) { + print("RemoteSigningInfoDB penddingRemoteSigningInfo error: $e"); + } } return objs; } - static Future update(RemoteSigningInfo o, {DatabaseExecutor? db}) async { + static Future update(RemoteSigningInfo o, String encryptKey, + {DatabaseExecutor? db}) async { db = await DB.getDB(db); - return await db.update("remote_signing_info", o.toJson(), + return await db.update( + "remote_signing_info", await _toJsonWithEncrypt(o, encryptKey), where: "id = ?", whereArgs: [o.id]); } } diff --git a/lib/main.dart b/lib/main.dart index 2cc13b7..19606a2 100644 --- a/lib/main.dart +++ b/lib/main.dart @@ -144,18 +144,20 @@ Future doInit() async { keyProvider = KeyProvider(); appProvider = AppProvider(); buildInRelayProvider = BuildInRelayProvider(); + remoteSigningProvider = RemoteSigningProvider(); var dataUtilTask = DataUtil.getInstance(); var keyTask = keyProvider.init(); var dbTask = DB.getCurrentDatabase(); - var dataFutureResultList = await Future.wait([dataUtilTask, keyTask, dbTask]); + var remoteSigningInitTask = remoteSigningProvider.init(); + var dataFutureResultList = + await Future.wait([dataUtilTask, keyTask, dbTask, remoteSigningInitTask]); var settingTask = SettingProvider.getInstance(); var appTask = appProvider.reload(); var futureResultList = await Future.wait([settingTask, appTask]); settingProvider = futureResultList[0] as SettingProvider; webProvider = WebProvider(); - remoteSigningProvider = RemoteSigningProvider(); downloadProvider = DownloadProvider(); await downloadProvider.init(); } diff --git a/lib/provider/remote_signing_provider.dart b/lib/provider/remote_signing_provider.dart index 0cc5604..912c592 100644 --- a/lib/provider/remote_signing_provider.dart +++ b/lib/provider/remote_signing_provider.dart @@ -2,6 +2,7 @@ import 'dart:convert'; import 'dart:developer'; import 'package:flutter/material.dart'; +import 'package:flutter_secure_storage/flutter_secure_storage.dart'; import 'package:nostr_sdk/client_utils/keys.dart'; import 'package:nostr_sdk/event.dart'; import 'package:nostr_sdk/event_kind.dart'; @@ -13,6 +14,7 @@ import 'package:nostr_sdk/relay/relay_isolate.dart'; import 'package:nostr_sdk/relay/relay_status.dart'; import 'package:nostr_sdk/signer/local_nostr_signer.dart'; import 'package:nostr_sdk/signer/nostr_signer.dart'; +import 'package:nostr_sdk/utils/hash_util.dart'; import 'package:nostr_sdk/utils/string_util.dart'; import 'package:nowser/const/app_type.dart'; import 'package:nowser/const/auth_type.dart'; @@ -42,6 +44,10 @@ class RemoteSigningProvider extends ChangeNotifier with PermissionCheckMixin { // remoteSignerPubkey - App Map appMap = {}; + Future init() async { + encryptKey = await getOrGenEncryptKey(); + } + Future reload() async { relayMap = {}; remoteSigningInfoMap = {}; @@ -50,15 +56,30 @@ class RemoteSigningProvider extends ChangeNotifier with PermissionCheckMixin { load(); } + var encryptKey = ""; + Future load() async { var remoteAppList = appProvider.remoteAppList(); for (var remoteApp in remoteAppList) { - await addRemoteApp(remoteApp); + await addRemoteApp(remoteApp, encryptKey); } } - Future addRemoteApp(App remoteApp) async { - var remoteSigningInfo = await RemoteSigningInfoDB.getByAppId(remoteApp.id!); + static const String KEY_NAME = "remoteKey"; + + Future getOrGenEncryptKey() async { + const storage = FlutterSecureStorage(); + var str = await storage.read(key: KEY_NAME); + if (StringUtil.isBlank(str)) { + str = HashUtil.md5(StringUtil.rndNameStr(10)); + await storage.write(key: KEY_NAME, value: str); + } + return str!; + } + + Future addRemoteApp(App remoteApp, String encryptKey) async { + var remoteSigningInfo = + await RemoteSigningInfoDB.getByAppId(remoteApp.id!, encryptKey); if (remoteSigningInfo != null && StringUtil.isNotBlank(remoteSigningInfo.remoteSignerKey) && StringUtil.isNotBlank(remoteSigningInfo.remotePubkey) && @@ -154,7 +175,7 @@ class RemoteSigningProvider extends ChangeNotifier with PermissionCheckMixin { remoteSigningInfo.updatedAt = DateTime.now().millisecondsSinceEpoch ~/ 1000; - RemoteSigningInfoDB.update(remoteSigningInfo); + RemoteSigningInfoDB.update(remoteSigningInfo, encryptKey); remoteSigningInfoMap[remoteSignerPubkey] = remoteSigningInfo; appMap[remoteSignerPubkey] = app; @@ -385,13 +406,13 @@ class RemoteSigningProvider extends ChangeNotifier with PermissionCheckMixin { Future saveRemoteSigningInfo( RemoteSigningInfo remoteSigningInfo) async { - await RemoteSigningInfoDB.insert(remoteSigningInfo); + await RemoteSigningInfoDB.insert(remoteSigningInfo, encryptKey); await reloadPenddingRemoteApps(); notifyListeners(); } Future reloadPenddingRemoteApps() async { - var list = await RemoteSigningInfoDB.penddingRemoteSigningInfo(); + var list = await RemoteSigningInfoDB.penddingRemoteSigningInfo(encryptKey); _penddingRemoteApps = list; notifyListeners();