kmc7468/arkvault
1
0
Fork 0
mirror of https://github.com/kmc7468/arkvault.git synced 2025-12-15 22:38:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

암호 키가 등록된 클라이언트에서 로그인을 수행하는 방식을 변경된 API에 맞게 변경

Browse Source 
우선 이메일과 비밀번호를 이용해 로그인을 수행한 후, Token Upgrade를 수행하도록 변경했습니다.
This commit is contained in:
static
2024-12-31 04:41:34 +09:00
parent 0ef252913a
commit 08a23b61b2
8 changed files with 142 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/lib/modules/crypto.ts
View File

@@ -50,7 +50,7 @@ export const makeRSAKeyNonextractable = async (key: CryptoKey, type: RSAKeyType)
);
};
export const exportRSAKey = async (key: CryptoKey, type: RSAKeyType) => {
const exportRSAKey = async (key: CryptoKey, type: RSAKeyType) => {
const format = type === "public" ? ("spki" as const) : ("pkcs8" as const);
return {
format,
@@ -58,6 +58,10 @@ export const exportRSAKey = async (key: CryptoKey, type: RSAKeyType) => {
};
};
export const exportRSAKeyToBase64 = async (key: CryptoKey, type: RSAKeyType) => {
return encodeToBase64((await exportRSAKey(key, type)).key);
};
export const encryptRSAPlaintext = async (plaintext: ArrayBuffer, publicKey: CryptoKey) => {
return await window.crypto.subtle.encrypt(
{

41
src/lib/services/auth.ts Normal file
View File

@@ -0,0 +1,41 @@
import {
encodeToBase64,
decodeFromBase64,
decryptRSACiphertext,
signRSAMessage,
} from "$lib/modules/crypto";
export const requestTokenUpgrade = async (
encPubKeyBase64: string,
encPrivKey: CryptoKey,
sigPubKeyBase64: string,
sigPrivKey: CryptoKey,
) => {
let res = await fetch("/api/auth/upgradeToken", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
encPubKey: encPubKeyBase64,
sigPubKey: sigPubKeyBase64,
}),
});
if (!res.ok) return false;
const { challenge } = await res.json();
const answer = await decryptRSACiphertext(decodeFromBase64(challenge), encPrivKey);
const sigAnswer = await signRSAMessage(answer, sigPrivKey);
res = await fetch("/api/auth/upgradeToken/verify", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
answer: encodeToBase64(answer),
sigAnswer: encodeToBase64(sigAnswer),
}),
});
return res.ok;
};

42
src/lib/services/key.ts Normal file
View File

@@ -0,0 +1,42 @@
import { callAPI } from "$lib/hooks";
import {
encodeToBase64,
decodeFromBase64,
decryptRSACiphertext,
signRSAMessage,
} from "$lib/modules/crypto";
export const requestClientRegistration = async (
encPubKeyBase64: string,
encPrivKey: CryptoKey,
sigPubKeyBase64: string,
sigPrivKey: CryptoKey,
) => {
let res = await callAPI("/api/client/register", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
encPubKey: encPubKeyBase64,
sigPubKey: sigPubKeyBase64,
}),
});
if (!res.ok) return false;
const { challenge } = await res.json();
const answer = await decryptRSACiphertext(decodeFromBase64(challenge), encPrivKey);
const sigAnswer = await signRSAMessage(answer, sigPrivKey);
res = await callAPI("/api/client/verify", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
answer: encodeToBase64(answer),
sigAnswer: encodeToBase64(sigAnswer),
}),
});
return res.ok;
};