kmc7468/arkvault
1
0
Fork 0
mirror of https://github.com/kmc7468/arkvault.git synced 2025-12-16 15:08:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

DEK 버전을 프론트엔드에서 명시적으로 관리하도록 변경

Browse Source
This commit is contained in:
static
2025-01-06 15:38:50 +09:00
parent 71f12c942b
commit 47850e1421
16 changed files with 78 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/lib/server/db/file.ts
View File

@@ -9,6 +9,7 @@ export interface NewDirectoryParams {
parentId: DirectoryId;
mekVersion: number;
encDek: string;
dekVersion: Date;
encName: string;
encNameIv: string;
}
@@ -19,6 +20,7 @@ export interface NewFileParams {
userId: number;
mekVersion: number;
encDek: string;
dekVersion: Date;
encContentIv: string;
encName: string;
encNameIv: string;
@@ -41,7 +43,7 @@ export const registerNewDirectory = async (params: NewDirectoryParams) => {
userId: params.userId,
mekVersion: params.mekVersion,
encDek: params.encDek,
encryptedAt: now,
dekVersion: params.dekVersion,
encName: { ciphertext: params.encName, iv: params.encNameIv },
});
});
@@ -72,14 +74,22 @@ export const getDirectory = async (userId: number, directoryId: number) => {
export const setDirectoryEncName = async (
userId: number,
directoryId: number,
dekVersion: Date,
encName: string,
encNameIv: string,
) => {
await db
const res = await db
.update(directory)
.set({ encName: { ciphertext: encName, iv: encNameIv } })
.where(and(eq(directory.userId, userId), eq(directory.id, directoryId)))
.where(
and(
eq(directory.userId, userId),
eq(directory.id, directoryId),
eq(directory.dekVersion, dekVersion),
),
)
.execute();
return res.changes > 0;
};
export const unregisterDirectory = async (userId: number, directoryId: number) => {
@@ -128,7 +138,7 @@ export const registerNewFile = async (params: NewFileParams) => {
userId: params.userId,
mekVersion: params.mekVersion,
encDek: params.encDek,
encryptedAt: now,
dekVersion: params.dekVersion,
encContentIv: params.encContentIv,
encName: { ciphertext: params.encName, iv: params.encNameIv },
});
@@ -160,14 +170,16 @@ export const getFile = async (userId: number, fileId: number) => {
export const setFileEncName = async (
userId: number,
fileId: number,
dekVersion: Date,
encName: string,
encNameIv: string,
) => {
await db
const res = await db
.update(file)
.set({ encName: { ciphertext: encName, iv: encNameIv } })
.where(and(eq(file.userId, userId), eq(file.id, fileId)))
.where(and(eq(file.userId, userId), eq(file.id, fileId), eq(file.dekVersion, dekVersion)))
.execute();
return res.changes > 0;
};
export const unregisterFile = async (userId: number, fileId: number) => {

4
src/lib/server/db/schema/file.ts
View File

@@ -19,7 +19,7 @@ export const directory = sqliteTable(
.references(() => user.id),
mekVersion: integer("master_encryption_key_version").notNull(),
encDek: text("encrypted_data_encryption_key").notNull().unique(), // Base64
encryptedAt: integer("encrypted_at", { mode: "timestamp_ms" }).notNull(),
dekVersion: integer("data_encryption_key_version", { mode: "timestamp_ms" }).notNull(),
encName: ciphertext("encrypted_name").notNull(),
},
(t) => ({
@@ -46,7 +46,7 @@ export const file = sqliteTable(
.references(() => user.id),
mekVersion: integer("master_encryption_key_version").notNull(),
encDek: text("encrypted_data_encryption_key").notNull().unique(), // Base64
encryptedAt: integer("encrypted_at", { mode: "timestamp_ms" }).notNull(),
dekVersion: integer("data_encryption_key_version", { mode: "timestamp_ms" }).notNull(),
encContentIv: text("encrypted_content_iv").notNull(), // Base64
encName: ciphertext("encrypted_name").notNull(),
},