kmc7468/arkvault
1
0
Fork 0
mirror of https://github.com/kmc7468/arkvault.git synced 2025-12-16 15:08:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Request Body의 필드마다 서명하지 않고, 데이터 전체에 대해 서명하도록 개선

Browse Source
This commit is contained in:
static
2024-12-31 09:32:37 +09:00
parent 5c535d1191
commit 0d00e2476a
10 changed files with 73 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
src/routes/api/client/verify/+server.ts → src/routes/api/client/register/verify/+server.ts
View File

20
src/routes/api/mek/register/+server.ts
View File

@@ -1,33 +1,31 @@
import { error, text } from "@sveltejs/kit";
import { text } from "@sveltejs/kit";
import { z } from "zod";
import { authorize } from "$lib/server/modules/auth";
import { parseSignedRequest } from "$lib/server/modules/crypto";
import { registerNewActiveMek } from "$lib/server/services/mek";
import type { RequestHandler } from "@sveltejs/kit";
export const POST: RequestHandler = async ({ request, cookies }) => {
const { userId, clientId } = await authorize(cookies, "activeClient");
const zodRes = z
.object({
const { meks } = await parseSignedRequest(
clientId,
await request.json(),
z.object({
meks: z.array(
z.object({
clientId: z.number().int().positive(),
mek: z.string().base64().nonempty(),
sigMek: z.string().base64().nonempty(),
}),
),
})
.safeParse(await request.json());
if (!zodRes.success) error(400, "Invalid request body");
const { meks } = zodRes.data;
}),
);
await registerNewActiveMek(
userId,
clientId,
meks.map(({ clientId, mek, sigMek }) => ({
meks.map(({ clientId, mek }) => ({
clientId,
encMek: mek,
sigEncMek: sigMek,
})),
);
return text("MEK registered", { headers: { "Content-Type": "text/plain" } });

16
src/routes/api/mek/register/initial/+server.ts
View File

@@ -1,6 +1,7 @@
import { error, text } from "@sveltejs/kit";
import { z } from "zod";
import { authenticate } from "$lib/server/modules/auth";
import { parseSignedRequest } from "$lib/server/modules/crypto";
import { registerInitialActiveMek } from "$lib/server/services/mek";
import type { RequestHandler } from "@sveltejs/kit";
@@ -10,15 +11,14 @@ export const POST: RequestHandler = async ({ request, cookies }) => {
error(403, "Forbidden");
}
const zodRes = z
.object({
const { mek } = await parseSignedRequest(
clientId,
await request.json(),
z.object({
mek: z.string().base64().nonempty(),
sigMek: z.string().base64().nonempty(),
})
.safeParse(await request.json());
if (!zodRes.success) error(400, "Invalid request body");
const { mek, sigMek } = zodRes.data;
}),
);
await registerInitialActiveMek(userId, clientId, mek, sigMek);
await registerInitialActiveMek(userId, clientId, mek);
return text("MEK registered", { headers: { "Content-Type": "text/plain" } });
};