Request 서명 시스템 삭제

보안에 큰 도움이 되지 않는다고 판단하여 삭제하였습니다. 판단 근거는 다음과 같습니다.

1. Web Crypto API는 HTTPS 환경에서만 사용할 수 있음
2. 프론트엔드와 백엔드가 하나의 서버에서 제공되므로, 리버스 프록시에 의한 중간자 공격을 받지 않는가에 대한 직관적인 검증이 불가능함
3. 신뢰할 수 없는 리버스 프록시는 애초에 사용하지 않는 것이 맞음

다만 MEK에 대한 서명 등은 그대로 유지됩니다.

src/lib/server/modules/crypto.ts

@@ -1,8 +1,5 @@
-import { error } from "@sveltejs/kit";
 import { constants, randomBytes, createPublicKey, publicEncrypt, verify } from "crypto";
 import { promisify } from "util";
-import { z } from "zod";
-import { getClient } from "$lib/server/db/client";
 
 const makePubKeyToPem = (pubKey: string) =>
   `-----BEGIN PUBLIC KEY-----\n${pubKey}\n-----END PUBLIC KEY-----`;
@@ -37,31 +34,3 @@ export const generateChallenge = async (length: number, encPubKey: string) => {
   const challenge = encryptAsymmetric(answer, encPubKey);
   return { answer, challenge };
 };
-
-export const parseSignedRequest = async <T extends z.ZodTypeAny>(
-  clientId: number,
-  data: unknown,
-  schema: T,
-) => {
-  const zodRes = z
-    .object({
-      data: schema,
-      signature: z.string().base64().nonempty(),
-    })
-    .safeParse(data);
-  if (!zodRes.success) error(400, "Invalid request body");
-
-  const { data: parsedData, signature } = zodRes.data;
-  if (!parsedData) error(500, "Invalid request body");
-
-  const client = await getClient(clientId);
-  if (!client) {
-    error(500, "Invalid access token");
-  } else if (
-    !verifySignature(Buffer.from(JSON.stringify(parsedData)), signature, client.sigPubKey)
-  ) {
-    error(400, "Invalid signature");
-  }
-
-  return parsedData;
-};

src/lib/server/schemas/file.ts

@@ -20,7 +20,6 @@ export const fileUploadRequest = z.object({
   parentId: z.union([z.enum(["root"]), z.number().int().positive()]),
   mekVersion: z.number().int().positive(),
   dek: z.string().base64().nonempty(),
-  contentHash: z.string().base64().nonempty(),
   contentIv: z.string().base64().nonempty(),
   name: z.string().base64().nonempty(),
   nameIv: z.string().base64().nonempty(),

src/lib/server/services/file.ts

@@ -1,5 +1,4 @@
 import { error } from "@sveltejs/kit";
-import { createHash } from "crypto";
 import { createReadStream, createWriteStream, ReadStream, WriteStream } from "fs";
 import { mkdir, stat, unlink } from "fs/promises";
 import { dirname } from "path";
@@ -106,7 +105,6 @@ const safeUnlink = async (path: string) => {
 export const uploadFile = async (
   params: Omit<NewFileParams, "path">,
   encContentStream: ReadableStream<Uint8Array>,
-  encContentHash: string,
 ) => {
   const activeMekVersion = await getActiveMekVersion(params.userId);
   if (activeMekVersion === null) {
@@ -116,32 +114,12 @@ export const uploadFile = async (
   }
 
   const path = `${env.libraryPath}/${params.userId}/${uuidv4()}`;
-  const hash = createHash("sha256");
-
   await mkdir(dirname(path), { recursive: true });
 
   try {
-    const hashStream = new TransformStream<Uint8Array, Uint8Array>({
-      transform: (chunk, controller) => {
-        hash.update(chunk);
-        controller.enqueue(chunk);
-      },
-    });
-    const fileStream = convertToWritableStream(
-      createWriteStream(path, { flags: "wx", mode: 0o600 }),
+    await encContentStream.pipeTo(
+      convertToWritableStream(createWriteStream(path, { flags: "wx", mode: 0o600 })),
     );
-    await encContentStream.pipeThrough(hashStream).pipeTo(fileStream);
-  } catch (e) {
-    await safeUnlink(path);
-    throw e;
-  }
-
-  if (hash.digest("base64") !== encContentHash) {
-    await safeUnlink(path);
-    error(400, "Invalid content hash");
-  }
-
-  try {
     await registerNewFile({
       ...params,
       path,