/api/hsk/list, /api/hsk/register/initial Endpoint 구현

2026-02-04 08:06:56 +00:00 · 2025-01-12 20:26:48 +09:00
parent 004e41b0cf
commit 805d7df182
13 changed files with 223 additions and 4 deletions
--- a/src/lib/server/db/schema/file.ts
+++ b/src/lib/server/db/schema/file.ts
@@ -1,4 +1,5 @@
 import { sqliteTable, text, integer, foreignKey } from "drizzle-orm/sqlite-core";
+import { hsk } from "./hsk";
 import { mek } from "./mek";
 import { user } from "./user";

@@ -55,15 +56,21 @@ export const file = sqliteTable(
    mekVersion: integer("master_encryption_key_version").notNull(),
    encDek: text("encrypted_data_encryption_key").notNull().unique(), // Base64
    dekVersion: integer("data_encryption_key_version", { mode: "timestamp_ms" }).notNull(),
+    hskVersion: integer("hmac_secret_key_version"),
+    contentHmac: text("content_hmac"), // Base64
    contentType: text("content_type").notNull(),
    encContentIv: text("encrypted_content_iv").notNull(), // Base64
    encName: ciphertext("encrypted_name").notNull(),
  },
  (t) => ({
-    ref: foreignKey({
+    ref1: foreignKey({
      columns: [t.userId, t.mekVersion],
      foreignColumns: [mek.userId, mek.version],
    }),
+    ref2: foreignKey({
+      columns: [t.userId, t.hskVersion],
+      foreignColumns: [hsk.userId, hsk.version],
+    }),
  }),
 );

--- a/src/lib/server/db/schema/hsk.ts
+++ b/src/lib/server/db/schema/hsk.ts
@@ -0,0 +1,43 @@
+import { sqliteTable, text, integer, primaryKey, foreignKey } from "drizzle-orm/sqlite-core";
+import { mek } from "./mek";
+import { user } from "./user";
+
+export const hsk = sqliteTable(
+  "hmac_secret_key",
+  {
+    userId: integer("user_id")
+      .notNull()
+      .references(() => user.id),
+    version: integer("version").notNull(),
+    state: text("state", { enum: ["active"] }).notNull(),
+    mekVersion: integer("master_encryption_key_version").notNull(),
+    encHsk: text("encrypted_key").notNull().unique(), // Base64
+  },
+  (t) => ({
+    pk: primaryKey({ columns: [t.userId, t.version] }),
+    ref: foreignKey({
+      columns: [t.userId, t.mekVersion],
+      foreignColumns: [mek.userId, mek.version],
+    }),
+  }),
+);
+
+export const hskLog = sqliteTable(
+  "hmac_secret_key_log",
+  {
+    id: integer("id").primaryKey({ autoIncrement: true }),
+    userId: integer("user_id")
+      .notNull()
+      .references(() => user.id),
+    hskVersion: integer("hmac_secret_key_version").notNull(),
+    timestamp: integer("timestamp", { mode: "timestamp_ms" }).notNull(),
+    action: text("action", { enum: ["create"] }).notNull(),
+    actionBy: integer("action_by").references(() => user.id),
+  },
+  (t) => ({
+    ref: foreignKey({
+      columns: [t.userId, t.hskVersion],
+      foreignColumns: [hsk.userId, hsk.version],
+    }),
+  }),
+);
--- a/src/lib/server/db/schema/index.ts
+++ b/src/lib/server/db/schema/index.ts
@@ -1,5 +1,6 @@
 export * from "./client";
 export * from "./file";
+export * from "./hsk";
 export * from "./mek";
 export * from "./session";
 export * from "./user";