From 402837a90ca2729e3e8b2853729c44838e3c00b3 Mon Sep 17 00:00:00 2001
From: Dmitry
Date: Fri, 7 Jun 2019 13:06:39 +0300
Subject: [PATCH] Encrypt database with same password taht is used for pfs db

---
 api/backend.go | 8 ++++----
 services/wallet/commands.go | 1 -
 services/wallet/database.go | 4 ++--
 services/wallet/database_test.go | 2 +-
 services/wallet/service.go | 4 ++--
 sqlite/sqlite.go | 12 +++++++++---
 6 files changed, 18 insertions(+), 13 deletions(-)

diff --git a/api/backend.go b/api/backend.go
index f857f95afe..4a65a90112 100644
--- a/api/backend.go
+++ b/api/backend.go
@@ -510,7 +510,7 @@ func (b *StatusBackend) reSelectAccount() error {
 default:
 return err
 }
- return b.startWallet()
+ return nil
 }

 // SelectAccount selects current wallet and chat accounts, by verifying that each address has corresponding account which can be decrypted
@@ -551,10 +551,10 @@ func (b *StatusBackend) SelectAccount(walletAddress, chatAddress, password strin
 return err
 }
 }
- return b.startWallet()
+ return b.startWallet(password)
 }

-func (b *StatusBackend) startWallet() error {
+func (b *StatusBackend) startWallet(password string) error {
 if !b.statusNode.Config().WalletConfig.Enabled {
 return nil
 }
@@ -567,7 +567,7 @@ func (b *StatusBackend) startWallet() error {
 return err
 }
 path := path.Join(b.statusNode.Config().DataDir, fmt.Sprintf("wallet-%x.sql", account.Address))
- return wallet.StartReactor(path,
+ return wallet.StartReactor(path, password,
 b.statusNode.RPCClient().Ethclient(),
 []common.Address{account.Address},
 new(big.Int).SetUint64(b.statusNode.Config().NetworkID))
diff --git a/services/wallet/commands.go b/services/wallet/commands.go
index a86875ede2..4ca9c50f41 100644
--- a/services/wallet/commands.go
+++ b/services/wallet/commands.go
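Review bot: The wallet is no longer started on the `reSelectAccount` path in api/backend.go, and nothing at the new `return nil` says why. Any caller that relied on this path to bring the wallet back (a node restart, for example) would appear to be left with the reactor stopped until `SelectAccount` runs again with the password. That is presumably deliberate, because the database key is only available where the password is, so a comment above the return such as `// wallet is not started here: its database key (the password) is only available in SelectAccount` would record the intent. The body of `reSelectAccount` starts outside the hunk.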
@@ -116,7 +116,6 @@ func (c *erc20HistoricalCommand) Run(ctx context.Context) (err error) {
 break
 }
 headers := headersFromTransfers(transfers)
- log.Info("storing header of the iterator", "header", c.iterator.Header().Number)
 headers = append(headers, c.iterator.Header())
 err = c.db.ProcessTranfers(transfers, []common.Address{c.address}, headers, nil, erc20Sync)
 if err != nil {
diff --git a/services/wallet/database.go b/services/wallet/database.go
index 12bf1157a4..25d1483579 100644
--- a/services/wallet/database.go
+++ b/services/wallet/database.go
@@ -36,8 +36,8 @@ const (
 )

 // InitializeDB creates db file at a given path and applies migrations.
-func InitializeDB(path string) (*Database, error) {
- db, err := sqlite.OpenDB(path)
+func InitializeDB(path, password string) (*Database, error) {
+ db, err := sqlite.OpenDB(path, password)
 if err != nil {
 return nil, err
 }
diff --git a/services/wallet/database_test.go b/services/wallet/database_test.go
index b9bd41d001..9770846e4d 100644
--- a/services/wallet/database_test.go
+++ b/services/wallet/database_test.go
@@ -15,7 +15,7 @@ import (
 func setupTestDB(t *testing.T) (*Database, func()) {
 tmpfile, err := ioutil.TempFile("", "wallet-tests-")
 require.NoError(t, err)
- db, err := InitializeDB(tmpfile.Name())
+ db, err := InitializeDB(tmpfile.Name(), "wallet-tests")
 require.NoError(t, err)
 return db, func() {
 require.NoError(t, db.Close())
diff --git a/services/wallet/service.go b/services/wallet/service.go
index ce46c9d553..bf16f7a244 100644
--- a/services/wallet/service.go
+++ b/services/wallet/service.go
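Review bot: The doc comment on `InitializeDB` in services/wallet/database.go still describes only the path, although the function now takes the password that becomes the database key. Something like `// InitializeDB creates an encrypted db file at the given path, keyed with password, and applies migrations.` would cover it. The same applies to `StartReactor` in services/wallet/service.go, and `OpenDB` in sqlite/sqlite.go keeps the comment `// OpenDB opens not-encrypted database.`, which now states the opposite of what the function does.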
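Review bot: `setupTestDB` in services/wallet/database_test.go now opens the database with the fixed key `"wallet-tests"`, but nothing in this hunk checks that the key is actually enforced. A test that closes the database and then calls `InitializeDB(tmpfile.Name(), "other-key")` expecting an error, next to one that reopens with the original key and succeeds, would show that the file is encrypted and that a wrong password is rejected when the database is opened. `setupTestDB` continues past the end of the hunk.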
@@ -34,8 +34,8 @@ func (s *Service) Start(*p2p.Server) error {
 }

 // StartReactor separately because it requires known ethereum address, which will become available only after login.
-func (s *Service) StartReactor(dbpath string, client *ethclient.Client, accounts []common.Address, chain *big.Int) error {
- db, err := InitializeDB(dbpath)
+func (s *Service) StartReactor(dbpath, password string, client *ethclient.Client, accounts []common.Address, chain *big.Int) error {
+ db, err := InitializeDB(dbpath, password)
 if err != nil {
 return err
 }
diff --git a/sqlite/sqlite.go b/sqlite/sqlite.go
index fc9ba6ea12..afe173c5d2 100644
--- a/sqlite/sqlite.go
+++ b/sqlite/sqlite.go
@@ -2,12 +2,13 @@ package sqlite

 import (
 "database/sql"
+ "errors"
 "fmt"
 _ "github.com/mutecomm/go-sqlcipher" // We require go sqlcipher that overrides default implementation
 )

-func openDB(path string) (*sql.DB, error) {
+func openDB(path, key string) (*sql.DB, error) {
 db, err := sql.Open("sqlite3", path)
 if err != nil {
 return nil, err
 }
@@ -19,6 +20,11 @@ func openDB(path string) (*sql.DB, error) {
 if _, err = db.Exec("PRAGMA foreign_keys=ON"); err != nil {
 return nil, err
 }
+ keyString := fmt.Sprintf("PRAGMA key = '%s'", key)
+ if _, err = db.Exec(keyString); err != nil {
+ return nil, errors.New("failed to set key pragma")
+ }
+
 // readers do not block writers and faster i/o operations
 // https://www.sqlite.org/draft/wal.html
 // must be set after db is encrypted
@@ -35,6 +41,6 @@ func openDB(path string) (*sql.DB, error) {
 }

 // OpenDB opens not-encrypted database.
-func OpenDB(path string) (*sql.DB, error) {
- return openDB(path)
+func OpenDB(path, key string) (*sql.DB, error) {
+ return openDB(path, key)
 }
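Review bot: In `openDB` (sqlite/sqlite.go) the key is spliced into the statement with `fmt.Sprintf("PRAGMA key = '%s'", key)`, so a password containing a single quote ends the literal early and the remainder is parsed as SQL; doubling the quote first, `keyString := "PRAGMA key = '" + strings.Replace(key, "'", "''", -1) + "'"` (with `strings` imported), keeps the whole password inside the literal. `db.Exec` also keys only the pooled connection it happens to run on, so unless the lines between the hunks cap the pool at one connection, a connection opened later would read the file without a key. An empty `key` is accepted too, and SQLCipher may then leave the file unencrypted, so rejecting `key == ""` before the pragma looks worthwhile. The new error path returns without `db.Close()` and replaces the driver error with a fixed string, which hides the cause from the caller. The body of `openDB` continues outside the hunk.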