feat(ironfish): Store salt and nonce on encrypted account (#5371)

* feat(rust-nodejs): Create napi struct for xchacha20poly1305 key

* feat(ironfish): Store salt and nonce on encrypted account

* cargo fmt

* Fix imports

* Fix import

Author: rohanjadvani

ironfish/src/wallet/account/encryptedAccount.ts

@@ -1,17 +1,21 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
-import { decrypt } from '@ironfish/rust-nodejs'
+import { decrypt, xchacha20poly1305 } from '@ironfish/rust-nodejs'
 import { AccountDecryptionFailedError } from '../errors'
 import { AccountValueEncoding, EncryptedAccountValue } from '../walletdb/accountValue'
 import { WalletDB } from '../walletdb/walletdb'
 import { Account } from './account'
 
 export class EncryptedAccount {
   private readonly walletDb: WalletDB
+  readonly salt: Buffer
+  readonly nonce: Buffer
   readonly data: Buffer
 
   constructor({ data, walletDb }: { data: Buffer; walletDb: WalletDB }) {
+    this.salt = Buffer.alloc(xchacha20poly1305.XSALT_LENGTH)
+    this.nonce = Buffer.alloc(xchacha20poly1305.XNONCE_LENGTH)
     this.data = data
     this.walletDb = walletDb
   }
@@ -31,6 +35,8 @@ export class EncryptedAccount {
   serialize(): EncryptedAccountValue {
     return {
       encrypted: true,
+      salt: this.salt,
+      nonce: this.nonce,
       data: this.data,
     }
   }

ironfish/src/wallet/walletdb/accountValue.test.ts

@@ -1,7 +1,7 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
-import { encrypt, generateKey } from '@ironfish/rust-nodejs'
+import { encrypt, generateKey, xchacha20poly1305 } from '@ironfish/rust-nodejs'
 import {
   AccountValueEncoding,
   DecryptedAccountValue,
@@ -95,6 +95,8 @@ describe('AccountValueEncoding', () => {
     const encryptedValue: EncryptedAccountValue = {
       encrypted: true,
       data: encryptedData,
+      salt: Buffer.alloc(xchacha20poly1305.XSALT_LENGTH),
+      nonce: Buffer.alloc(xchacha20poly1305.XNONCE_LENGTH),
     }
 
     const buffer = encoder.serialize(encryptedValue)

ironfish/src/wallet/walletdb/accountValue.ts

@@ -1,7 +1,7 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
-import { KEY_LENGTH, PUBLIC_ADDRESS_LENGTH } from '@ironfish/rust-nodejs'
+import { KEY_LENGTH, PUBLIC_ADDRESS_LENGTH, xchacha20poly1305 } from '@ironfish/rust-nodejs'
 import bufio from 'bufio'
 import { IDatabaseEncoding } from '../../storage'
 import { MultisigKeys } from '../interfaces/multisigKeys'
@@ -13,6 +13,8 @@ const VERSION_LENGTH = 2
 
 export type EncryptedAccountValue = {
   encrypted: true
+  salt: Buffer
+  nonce: Buffer
   data: Buffer
 }
 
@@ -48,6 +50,8 @@ export class AccountValueEncoding implements IDatabaseEncoding<AccountValue> {
     let flags = 0
     flags |= Number(!!value.encrypted) << 5
     bw.writeU8(flags)
+    bw.writeBytes(value.salt)
+    bw.writeBytes(value.nonce)
     bw.writeVarBytes(value.data)
 
     return bw.render()
@@ -113,9 +117,13 @@ export class AccountValueEncoding implements IDatabaseEncoding<AccountValue> {
     // Skip flags
     reader.readU8()
 
+    const salt = reader.readBytes(xchacha20poly1305.XSALT_LENGTH)
+    const nonce = reader.readBytes(xchacha20poly1305.XNONCE_LENGTH)
     const data = reader.readVarBytes()
     return {
       encrypted: true,
+      nonce,
+      salt,
       data,
     }
   }
@@ -182,6 +190,8 @@ export class AccountValueEncoding implements IDatabaseEncoding<AccountValue> {
   getSizeEncrypted(value: EncryptedAccountValue): number {
     let size = 0
     size += 1 // flags
+    size += xchacha20poly1305.XSALT_LENGTH
+    size += xchacha20poly1305.XNONCE_LENGTH
     size += bufio.sizeVarBytes(value.data)
     return size
   }