From 173ab188b326fbe78cfba4ab455a74619f4556bb Mon Sep 17 00:00:00 2001
From: DanConwayDev <DanConwayDev@protonmail.com>
Date: Mon, 24 Jun 2024 09:39:18 +0100
Subject: feat(login): store in git config and use cache

replace ngit yaml file config with:
 * nsec / ncryptsec / npub in git config in nostr.* namespace
 * sql database cache for metadata and relay events

allow different logins to be used for different git repositories by
storing login in local git config
---
 src/key_handling/encryption.rs | 77 ++++++++++++++++--------------------------
 1 file changed, 29 insertions(+), 48 deletions(-)

(limited to 'src/key_handling/encryption.rs')

diff --git a/src/key_handling/encryption.rs b/src/key_handling/encryption.rs
index 3f4ee41..3841d50 100644
--- a/src/key_handling/encryption.rs
+++ b/src/key_handling/encryption.rs
@@ -1,46 +1,31 @@
 use anyhow::Result;
-#[cfg(test)]
-use mockall::*;
 use nostr::{prelude::*, Keys};
 
-#[derive(Default)]
-pub struct Encryptor;
-
-#[cfg_attr(test, automock)]
-pub trait EncryptDecrypt {
-    /// requires less CPU time if the password is long
-    fn encrypt_key(&self, keys: &Keys, password: &str) -> Result<String>;
-    fn decrypt_key(&self, encrypted_key: &str, password: &str) -> Result<Keys>;
+pub fn encrypt_key(keys: &Keys, password: &str) -> Result<String> {
+    let log2_rounds: u8 = if password.len() > 20 {
+        // we have enough of entropy - no need to spend CPU time adding much more
+        1
+    } else {
+        println!("this may take a few seconds...");
+        // default (scrypt::Params::RECOMMENDED_LOG_N) is 17 but 30s is too long to wait
+        15
+    };
+    Ok(nostr::nips::nip49::EncryptedSecretKey::new(
+        keys.secret_key()?,
+        password,
+        log2_rounds,
+        KeySecurity::Medium,
+    )?
+    .to_bech32()?)
 }
 
-/// approach and code adapted from nostr gossip client
-impl EncryptDecrypt for Encryptor {
-    fn encrypt_key(&self, keys: &Keys, password: &str) -> Result<String> {
-        let log2_rounds: u8 = if password.len() > 20 {
-            // we have enough of entropy - no need to spend CPU time adding much more
-            1
-        } else {
-            println!("this may take a few seconds...");
-            // default (scrypt::Params::RECOMMENDED_LOG_N) is 17 but 30s is too long to wait
-            15
-        };
-        Ok(nostr::nips::nip49::EncryptedSecretKey::new(
-            keys.secret_key()?,
-            password,
-            log2_rounds,
-            KeySecurity::Medium,
-        )?
-        .to_bech32()?)
-    }
-
-    fn decrypt_key(&self, encrypted_key: &str, password: &str) -> Result<nostr::Keys> {
-        let encrypted_key = nostr::nips::nip49::EncryptedSecretKey::from_bech32(encrypted_key)?;
-        // to request that log_n gets exposed
-        if encrypted_key.log_n() > 14 {
-            println!("this may take a few seconds...");
-        }
-        Ok(nostr::Keys::new(encrypted_key.to_secret_key(password)?))
+pub fn decrypt_key(encrypted_key: &str, password: &str) -> Result<nostr::Keys> {
+    let encrypted_key = nostr::nips::nip49::EncryptedSecretKey::from_bech32(encrypted_key)?;
+    // to request that log_n gets exposed
+    if encrypted_key.log_n() > 14 {
+        println!("this may take a few seconds...");
     }
+    Ok(nostr::Keys::new(encrypted_key.to_secret_key(password)?))
 }
 
 #[cfg(test)]
@@ -51,7 +36,7 @@ mod tests {
 
     #[test]
     fn encrypt_key_produces_string_prefixed_with() -> Result<()> {
-        let s = Encryptor.encrypt_key(&nostr::Keys::generate(), TEST_PASSWORD)?;
+        let s = encrypt_key(&nostr::Keys::generate(), TEST_PASSWORD)?;
         assert!(s.starts_with("ncryptsec"));
         Ok(())
     }
@@ -59,8 +44,7 @@ mod tests {
     #[test]
     // ensures password encryption hasn't changed
     fn decrypts_with_strong_password_from_reference_string() -> Result<()> {
-        let encryptor = Encryptor;
-        let decrypted_key = encryptor.decrypt_key(TEST_KEY_1_ENCRYPTED, TEST_PASSWORD)?;
+        let decrypted_key = decrypt_key(TEST_KEY_1_ENCRYPTED, TEST_PASSWORD)?;
 
         assert_eq!(
             format!(
@@ -78,8 +62,7 @@ mod tests {
     #[test]
     // ensures password encryption hasn't changed
     fn decrypts_with_weak_password_from_reference_string() -> Result<()> {
-        let encryptor = Encryptor;
-        let decrypted_key = encryptor.decrypt_key(TEST_KEY_1_ENCRYPTED_WEAK, TEST_WEAK_PASSWORD)?;
+        let decrypted_key = decrypt_key(TEST_KEY_1_ENCRYPTED_WEAK, TEST_WEAK_PASSWORD)?;
 
         assert_eq!(
             format!(
@@ -96,10 +79,9 @@ mod tests {
 
     #[test]
     fn decrypts_key_encrypted_using_encrypt_key() -> Result<()> {
-        let encryptor = Encryptor;
         let key = nostr::Keys::generate();
-        let s = encryptor.encrypt_key(&key, TEST_PASSWORD)?;
-        let newkey = encryptor.decrypt_key(s.as_str(), TEST_PASSWORD)?;
+        let s = encrypt_key(&key, TEST_PASSWORD)?;
+        let newkey = decrypt_key(s.as_str(), TEST_PASSWORD)?;
 
         assert_eq!(
             format!("{}", key.secret_key().unwrap().to_bech32().unwrap()),
@@ -110,10 +92,9 @@ mod tests {
 
     #[test]
     fn decrypt_key_successfully_decrypts_key_encrypted_using_encrypt_key() -> Result<()> {
-        let encryptor = Encryptor;
         let key = nostr::Keys::generate();
-        let s = encryptor.encrypt_key(&key, TEST_PASSWORD)?;
-        let newkey = encryptor.decrypt_key(s.as_str(), TEST_PASSWORD)?;
+        let s = encrypt_key(&key, TEST_PASSWORD)?;
+        let newkey = decrypt_key(s.as_str(), TEST_PASSWORD)?;
 
         assert_eq!(
             format!("{}", key.secret_key().unwrap().to_bech32().unwrap()),
-- 
cgit v1.2.3