-
-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathkeystore_unlock_example.dart
More file actions
87 lines (73 loc) · 2.66 KB
/
keystore_unlock_example.dart
File metadata and controls
87 lines (73 loc) · 2.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#!/usr/bin/env dart
// example/keystore_unlock_example.dart
//
// Example demonstrating secure keystore unlock flow.
// Usage: dart run example/keystore_unlock_example.dart
// ignore_for_file: avoid_print
import 'dart:io';
import 'package:dart_ipfs/src/core/config/ipfs_config.dart';
import 'package:dart_ipfs/src/core/metrics/metrics_collector.dart';
import 'package:dart_ipfs/src/core/security/security_manager.dart';
import 'package:dart_ipfs/src/utils/password_prompt.dart';
Future<void> main() async {
print('=== IPFS Keystore Unlock Example ===\n');
// Create configuration
final config = IPFSConfig(offline: true);
final securityConfig = const SecurityConfig();
final metrics = MetricsCollector(config);
// Create security manager
final securityManager = SecurityManager(securityConfig, metrics);
// Check if we have existing secure keys
final hasExistingKeys = securityManager.hasSecureKey('self');
String? password;
if (hasExistingKeys) {
// Existing keystore - prompt for unlock
print('Existing keystore found.\n');
password = PasswordPrompt.prompt('Enter keystore password: ');
} else {
// New keystore - create with password
print('No keystore found. Creating new encrypted keystore.\n');
password = PasswordPrompt.promptNew('Create keystore password: ');
if (password != null && !PasswordPrompt.isStrongEnough(password)) {
exit(1);
}
}
if (password == null) {
stderr.writeln('Error: Password required');
exit(1);
}
// Unlock keystore
try {
print('\nUnlocking keystore...');
await securityManager.unlockKeystore(password);
print('✓ Keystore unlocked successfully!\n');
// Migrate any plaintext keys
final migratedCount = await securityManager.migrateKeysFromPlaintext();
if (migratedCount > 0) {
print('✓ Migrated $migratedCount keys to encrypted storage\n');
}
// Show status
final status = await securityManager.getStatus();
print('Keystore Status:');
print(' - Unlocked: ${securityManager.isKeystoreUnlocked}');
print(' - TLS Enabled: ${status['tls_enabled']}');
// Generate example key if none exist
if (!securityManager.hasSecureKey('self')) {
print('\nGenerating default identity key...');
final publicKey = await securityManager.generateSecureKey(
'self',
label: 'Node Identity',
);
print('✓ Identity key generated (${publicKey.length} bytes)\n');
} else {
print(' - Identity key: present');
}
// Lock keystore when done
securityManager.lockKeystore();
print('\n✓ Keystore locked');
} catch (e) {
stderr.writeln('Error: $e');
exit(1);
}
print('Done!');
}