writer.close();
secretData = baos.toByteArray();
} catch (IOException e) {
throw new RepositoryException("Error encrypting secrets", e);
}
byte[] hashedPassword = null;
if (password != null) {
hashedPassword = PasswordHash.doPasswordHash(password);
}
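// This keypair is used for grants etc. The client does not (currently) get access to the private key;
// the private key is encrypted under userSecretKey before it is stored.
// NOTE(review): the bit length behind RsaUtils.SMALL_KEYSIZE is not visible here - confirm it meets the minimum RSA key size you accept.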
KeyPair userRsaKeyPair = RsaUtils.generateRsaKeyPair(RsaUtils.SMALL_KEYSIZE);
byte[] privateKeyData = RsaUtils.serialize(userRsaKeyPair.getPrivate());
privateKeyData = FathomdbCrypto.encrypt(userSecretKey, privateKeyData);
byte[] publicKeyData = RsaUtils.serialize(userRsaKeyPair.getPublic());
db.insertUser(userName, hashedPassword, secretData, publicKeyData, privateKeyData);
UserEntity user = findUser(userName);
if (password != null) {
user.unlockWithPassword(password);
}
if (publicKeyHash != null) {
UserCertEntity userCert = new UserCertEntity();
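// TODO: Retry on collision. The id is a random int, so an insert can collide with an existing cert id.
// NOTE(review): Random here is presumably java.util.Random, which is not a cryptographically secure generator - confirm the id never needs to be unpredictable.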
Random random = new Random();
userCert.id = random.nextInt();
userCert.userId = user.id;
userCert.publicKeyHash = publicKeyHash;
db.insertUserCert(userCert);
}
return user;
} catch (SQLException e) {
throw new RepositoryException("Error creating user", e);
} finally {
db.close();
}
}