From a6f1fe2c10ea9f7bb08d2344df62fee4a996cd69 Mon Sep 17 00:00:00 2001
From: Ellie Huxtable <ellie@elliehuxtable.com>
Date: Thu, 1 Feb 2024 15:00:46 +0000
Subject: feat: reencrypt/rekey local store (#1662)

* feat: add record re-encrypting

* automatically re-encrypt store when logging in with a different key

* fix

* actually save the new key lmao

* add rekey

* save new key

* decode bip key

* "add test for sqlite store re encrypt"
---
 atuin-client/src/encryption.rs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'atuin-client/src/encryption.rs')

diff --git a/atuin-client/src/encryption.rs b/atuin-client/src/encryption.rs
index f4031059..50aacc24 100644
--- a/atuin-client/src/encryption.rs
+++ b/atuin-client/src/encryption.rs
@@ -30,6 +30,13 @@ pub struct EncryptedHistory {
     pub nonce: Nonce<XSalsa20Poly1305>,
 }
 
+pub fn generate_encoded_key() -> Result<(Key, String)> {
+    let key = XSalsa20Poly1305::generate_key(&mut OsRng);
+    let encoded = encode_key(&key)?;
+
+    Ok((key, encoded))
+}
+
 pub fn new_key(settings: &Settings) -> Result<Key> {
     let path = settings.key_path.as_str();
     let path = PathBuf::from(path);
@@ -38,8 +45,7 @@ pub fn new_key(settings: &Settings) -> Result<Key> {
         bail!("key already exists! cannot overwrite");
     }
 
-    let key = XSalsa20Poly1305::generate_key(&mut OsRng);
-    let encoded = encode_key(&key)?;
+    let (key, encoded) = generate_encoded_key()?;
 
     let mut file = fs::File::create(path)?;
     file.write_all(encoded.as_bytes())?;
-- 
cgit v1.3.1