암호 키 생성 및 등록시 최초 MEK도 함께 생성 및 등록하도록 구현

2025-12-16 15:08:46 +00:00 · 2024-12-30 01:59:09 +09:00
parent d39931c79a
commit 941e2a49bc
10 changed files with 133 additions and 40 deletions
--- a/src/routes/(fullscreen)/key/generate/+page.svelte
+++ b/src/routes/(fullscreen)/key/generate/+page.svelte
@@ -5,7 +5,7 @@
  import { gotoStateful } from "$lib/hooks";
  import { keyPairStore } from "$lib/stores";
  import Order from "./Order.svelte";
-  import { generateKeyPair } from "./service";
+  import { generateKeyPair, generateMekDraft } from "./service";

  import IconKey from "~icons/material-symbols/key";

@@ -33,11 +33,14 @@
  const generate = async () => {
    // TODO: Loading indicator

-    const keyPair = await generateKeyPair();
+    const { pubKeyBase64, privKeyBase64 } = await generateKeyPair();
+    const { mekDraft } = await generateMekDraft();
+
    await gotoStateful("/key/export", {
      redirectPath: data.redirectPath,
-      pubKeyBase64: keyPair.pubKeyBase64,
-      privKeyBase64: keyPair.privKeyBase64,
+      pubKeyBase64,
+      privKeyBase64,
+      mekDraft,
    });
  };

--- a/src/routes/(fullscreen)/key/generate/service.ts
+++ b/src/routes/(fullscreen)/key/generate/service.ts
@@ -1,9 +1,13 @@
 import {
+  encodeToBase64,
  generateRSAKeyPair,
  makeRSAKeyNonextractable,
-  exportRSAKeyToBase64,
+  exportRSAKey,
+  generateAESKey,
+  makeAESKeyNonextractable,
+  exportAESKey,
 } from "$lib/modules/crypto";
-import { keyPairStore } from "$lib/stores";
+import { keyPairStore, mekStore } from "$lib/stores";

 export const generateKeyPair = async () => {
  const keyPair = await generateRSAKeyPair();
@@ -15,7 +19,21 @@ export const generateKeyPair = async () => {
  });

  return {
-    pubKeyBase64: await exportRSAKeyToBase64(keyPair.publicKey, "public"),
-    privKeyBase64: await exportRSAKeyToBase64(keyPair.privateKey, "private"),
+    pubKeyBase64: encodeToBase64((await exportRSAKey(keyPair.publicKey, "public")).key),
+    privKeyBase64: encodeToBase64((await exportRSAKey(keyPair.privateKey, "private")).key),
+  };
+};
+
+export const generateMekDraft = async () => {
+  const mek = await generateAESKey();
+  const mekSecured = await makeAESKeyNonextractable(mek);
+
+  mekStore.update((meks) => {
+    meks.set(meks.size, mekSecured);
+    return meks;
+  });
+
+  return {
+    mekDraft: await exportAESKey(mek),
  };
 };