Add encryption support when importing archive

Save password and scheme on new device during linking. Set archiveHasPassword flag in config when saving the archive. Change-Id: I8822c746d2f7968fef5493ee3f4c92f121274c5a
2025-08-07 22:02:12 +08:00 · 2025-07-07 14:49:32 -04:00
parent edfa4fa623
commit 18b6ae56db
2 changed files with 17 additions and 1 deletions
--- a/src/jamidht/archive_account_manager.cpp
+++ b/src/jamidht/archive_account_manager.cpp
@ -537,6 +537,9 @@ ArchiveAccountManager::provideAccountAuthentication(const std::string& key,
        JAMI_WARNING("[LinkDevice] Invalid state for providing account authentication.");
        return false;
    }
+
+    ctx->linkDevCtx->authScheme = scheme;
+    ctx->linkDevCtx->credentialsFromUser = key;
    // After authentication, the next step is to receive the account archive from the exporting device
    ctx->linkDevCtx->state = AuthDecodingState::DATA;
    emitSignal<libjami::ConfigurationSignal::DeviceAuthStateChanged>(
@ -1363,10 +1366,16 @@ ArchiveAccountManager::onArchiveLoaded(AuthContext& ctx, AccountArchive&& a, boo
    dhtnet::fileutils::check_dir(path_, 0700);

    if (isLinkDevProtocol) {
+        a.config[libjami::Account::ConfProperties::ARCHIVE_HAS_PASSWORD] =
+            ctx.linkDevCtx->authScheme.empty() ? FALSE_STR : TRUE_STR;
+
        a.save(fileutils::getFullPath(path_, archivePath_),
               ctx.linkDevCtx->authScheme,
               ctx.linkDevCtx->credentialsFromUser);
    } else {
+        a.config[libjami::Account::ConfProperties::ARCHIVE_HAS_PASSWORD] =
+            ctx.credentials->password_scheme.empty() ? FALSE_STR : TRUE_STR;
+
        a.save(fileutils::getFullPath(path_, archivePath_),
               ctx.credentials ? ctx.credentials->password_scheme : "",
               ctx.credentials ? ctx.credentials->password : "");
--- a/src/jamidht/jamiaccount.cpp
+++ b/src/jamidht/jamiaccount.cpp
@ -1395,7 +1395,14 @@ JamiAccount::loadAccount(const std::string& archive_password_scheme,
                        std::tie(conf.tlsPrivateKeyFile, conf.tlsCertificateFile)
                            = saveIdentity(id, idPath_, DEVICE_ID_PATH);
                        conf.tlsPassword = {};
-                        conf.archiveHasPassword = hasPassword;
+                        auto passwordIt = config.find(
+                            libjami::Account::ConfProperties::ARCHIVE_HAS_PASSWORD);
+                        if (passwordIt != config.end() && !passwordIt->second.empty()) {
+                            conf.archiveHasPassword = passwordIt->second == "true";
+                        } else {
+                            conf.archiveHasPassword = hasPassword;
+                        }
+
                        if (not conf.managerUri.empty()) {
                            conf.registeredName = conf.managerUsername;
                            registeredName_ = conf.managerUsername;