1 files changed, 8 insertions, 9 deletions

diff --git a/src/api/auth/account.rs b/src/api/auth/account.rs
index bff2a66..56ec717 100644
--- a/src/api/auth/account.rs
+++ b/src/api/auth/account.rs
@@ -90,8 +90,8 @@ pub(crate) async fn create(
         },
     }
 
-    let ka = SecretBytes::generate();
-    let wrapwrap_kb = SecretBytes::generate();
+    let ka = SecretKey::generate();
+    let wrapwrap_kb = SecretKey::generate();
     let auth_salt = SaltString::generate(rand::rngs::OsRng);
     let stretched = data.authPW.stretch(auth_salt.as_salt())?;
     let verify_hash = stretched.verify_hash();
@@ -113,8 +113,8 @@ pub(crate) async fn create(
         .add_user(User {
             auth_salt,
             email: data.email.to_owned(),
-            ka: SecretKey(ka.0),
-            wrapwrap_kb: SecretKey(wrapwrap_kb.0),
+            ka,
+            wrapwrap_kb,
             verify_hash: VerifyHash(verify_hash),
             display_name: None,
             verified: false,
@@ -204,8 +204,8 @@ pub(crate) async fn login(
         let key_fetch_token = KeyFetchToken::generate();
         let req = KeyFetchReq::derive_from(&key_fetch_token);
         let wrapped = req.derive_resp().wrap_keys(&KeyBundle {
-            ka: SecretBytes(user.ka.0),
-            wrap_kb: stretched.decrypt_wwkb(&SecretBytes(user.wrapwrap_kb.0)),
+            ka: user.ka,
+            wrap_kb: stretched.decrypt_wwkb(&user.wrapwrap_kb),
         });
         db.add_key_fetch(req.token_id, &req.req_hmac_key, &wrapped).await?;
         Some(key_fetch_token)
@@ -380,13 +380,12 @@ pub(crate) async fn reset(
 
     let notify_devs = db.get_devices(&data.context).await?;
 
-    let wrapwrap_kb = SecretBytes::generate();
+    let wrapwrap_kb = SecretKey::generate();
     let auth_salt = SaltString::generate(rand::rngs::OsRng);
     let stretched = data.body.authPW.stretch(auth_salt.as_salt())?;
     let verify_hash = stretched.verify_hash();
 
-    db.reset_user_auth(&data.context, auth_salt, SecretKey(wrapwrap_kb.0), VerifyHash(verify_hash))
-        .await?;
+    db.reset_user_auth(&data.context, auth_salt, wrapwrap_kb, VerifyHash(verify_hash)).await?;
 
     defer.spawn_after_success("api::auth/account/reset(post)", {
         let client = Arc::clone(client);