Store node encryption key with user data, fix encryption bug when using additional data

3 files changed, 16 insertions, 8 deletions

diff --git a/include/odhtdb/Database.hpp b/include/odhtdb/Database.hpp
index 87389eb..04c3b62 100644
--- a/include/odhtdb/Database.hpp
+++ b/include/odhtdb/Database.hpp
@@ -188,11 +188,11 @@ namespace odhtdb
         // Username has to be either unique or if it's the same as existing one, then password has to match.
         // Node has to be unique for the user.
         // Throws DatabaseStorageWrongPassword or SqlExecException on failure (if username is not unique in node).
-        void storeUserPasswordEncrypted(const Hash &nodeHash, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair);
+        void storeNodeInfoForUserEncrypted(const DatabaseNode &nodeInfo, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair);
         
-        // Returns nodes, public key and private key of encrypted user.
+        // Returns nodes, node encryption key, public key and private key of encrypted user.
         // Throws DatabaseStorageWrongPassword if password for the stored user is wrong.
-        MapHash<Signature::KeyPair> getStoredUserNodeDataDecrypted(const std::string &username, const std::string &password);
+        MapHash<StoredNodeInfo> getStoredNodeUserInfoDecrypted(const std::string &username, const std::string &password) const;
         
         std::vector<OwnedMemory> getUserGroups(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const;
         
diff --git a/include/odhtdb/DatabaseStorage.hpp b/include/odhtdb/DatabaseStorage.hpp
index 264ab57..a618420 100644
--- a/include/odhtdb/DatabaseStorage.hpp
+++ b/include/odhtdb/DatabaseStorage.hpp
@@ -10,6 +10,7 @@
 #include "OwnedMemory.hpp"
 #include "DatabaseOperation.hpp"
 #include "DatabaseOrder.hpp"
+#include "DatabaseNode.hpp"
 #include "sql/SqlQuery.hpp"
 #include "sql/SqlExec.hpp"
 #include <vector>
@@ -72,6 +73,12 @@ namespace odhtdb
     using FetchNodeUserActionGapsCallbackFunc = std::function<void(const DataView userPublicKey, u64 start, u64 range)>;
     using FetchNodeUserLatestActionCounterCallbackFunc = std::function<void(const DataView userPublicKey, u64 latestActionCounter)>;
     
+    struct StoredNodeInfo
+    {
+        std::shared_ptr<OwnedMemory> nodeEncryptionKey;
+        std::shared_ptr<Signature::KeyPair> userKeyPair;
+    };
+    
     class DatabaseStorage
     {
     public:
@@ -119,12 +126,13 @@ namespace odhtdb
         // Username has to be either unique or if it's the same as existing one, then password has to match.
         // Node has to be unique for the user.
         // Throws DatabaseStorageWrongPassword or SqlExecException on failure (if username is not unique in node).
-        void storeUserPasswordEncrypted(const Hash &nodeHash, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair);
+        void storeNodeInfoForUserEncrypted(const DatabaseNode &nodeInfo, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair);
         
-        // Returns nodes, public key and private key of encrypted user.
+        // Returns nodes, node encryption key, public key and private key of encrypted user.
         // Throws DatabaseStorageWrongPassword if password for the stored user is wrong.
         // Throws DatabaseStorageNoSuchStoredUser if user doesn't exist.
-        MapHash<Signature::KeyPair> getStoredUserNodeDataDecrypted(const std::string &username, const std::string &password);
+        // Otherwise throw DatabaseStorageException on other errors.
+        MapHash<StoredNodeInfo> getStoredNodeUserInfoDecrypted(const std::string &username, const std::string &password) const;
         
         // Returns true and node decryption key if node exists and we have the decryption key, 
         // otherwise return false and OwnedMemory with data set to nullptr
@@ -158,7 +166,7 @@ namespace odhtdb
         void setNodeAddDataDecryptedData(i64 rowId, const DataView &decryptedData);
         
         // Throws DatabaseStorageNoSuchStoredUser or DatabaseStorageWrongPassword
-        i64 getStoredUserId(const std::string &username, const DataView &hashedPassword);
+        i64 getStoredUserId(const std::string &username, const DataView &hashedPassword) const;
     private:
         Database *database;
         sqlite3 *sqliteDb;
diff --git a/include/odhtdb/Encryption.hpp b/include/odhtdb/Encryption.hpp
index 2457630..b2ae67e 100644
--- a/include/odhtdb/Encryption.hpp
+++ b/include/odhtdb/Encryption.hpp
@@ -32,7 +32,7 @@ namespace odhtdb
         DISABLE_COPY(Encryption)
     public:
         // Throws EncryptionException on failure (or std::bad_alloc on failed memory allocation)
-        Encryption(const DataView &data, const DataView &additionalData = DataView(), const DataView &key = DataView());
+        Encryption(const DataView &data, const DataView &key = DataView());
         ~Encryption();
         
         DataView getKey() const;