클라이언트 등록시 검증키도 등록하도록 변경 (WiP)

2025-12-16 23:18:48 +00:00 · 2024-12-31 01:56:12 +09:00
parent 679b223346
commit 4f20d2edbf
6 changed files with 140 additions and 35 deletions
--- a/src/lib/server/modules/crypto.ts
+++ b/src/lib/server/modules/crypto.ts
@@ -0,0 +1,34 @@
+import { constants, randomBytes, createPublicKey, publicEncrypt, verify } from "crypto";
+import { promisify } from "util";
+
+export const generateRandomBytes = async (length: number) => {
+  return await promisify(randomBytes)(length);
+};
+
+const makePubKeyPem = (pubKey: string) =>
+  `-----BEGIN PUBLIC KEY-----\n${pubKey}\n-----END PUBLIC KEY-----`;
+
+export const verifyPubKey = (pubKey: string) => {
+  const pubKeyPem = makePubKeyPem(pubKey);
+  const pubKeyObject = createPublicKey(pubKeyPem);
+  return (
+    pubKeyObject.asymmetricKeyType === "rsa" &&
+    pubKeyObject.asymmetricKeyDetails?.modulusLength === 4096
+  );
+};
+
+export const encryptAsymmetric = (data: Buffer, encPubKey: string) => {
+  return publicEncrypt({ key: makePubKeyPem(encPubKey), oaepHash: "sha256" }, data);
+};
+
+export const verifySignature = (data: string, signature: string, sigPubKey: string) => {
+  return verify(
+    "rsa-sha256",
+    Buffer.from(data, "base64"),
+    {
+      key: makePubKeyPem(sigPubKey),
+      padding: constants.RSA_PKCS1_PSS_PADDING,
+    },
+    Buffer.from(signature, "base64"),
+  );
+};