Token Upgrade시 챌린지를 거치도록 변경

static
2024-12-31 03:01:29 +09:00
parent 4f20d2edbf
commit b84d6fd5ad
14 changed files with 208 additions and 69 deletions


@@ -9,15 +9,10 @@ import {
getAllUserClients,
getUserClient,
setUserClientStateToPending,
createUserClientChallenge,
registerUserClientChallenge,
getUserClientChallenge,
} from "$lib/server/db/client";
import {
generateRandomBytes,
verifyPubKey,
encryptAsymmetric,
verifySignature,
} from "$lib/server/modules/crypto";
import { verifyPubKey, verifySignature, generateChallenge } from "$lib/server/modules/crypto";
import { isInitialMekNeeded } from "$lib/server/modules/mek";
import env from "$lib/server/loadenv";
@@ -31,20 +26,17 @@ export const getUserClientList = async (userId: number) => {
};
};
const expiresIn = ms(env.challenge.pubKeyExp);
const expiresIn = ms(env.challenge.userClientExp);
const expiresAt = () => new Date(Date.now() + expiresIn);
const generateChallenge = async (
const createUserClientChallenge = async (
userId: number,
ip: string,
clientId: number,
encPubKey: string,
) => {
const answer = await generateRandomBytes(32);
const answerBase64 = answer.toString("base64");
await createUserClientChallenge(userId, clientId, answerBase64, ip, expiresAt());
const challenge = encryptAsymmetric(answer, encPubKey);
const { answer, challenge } = await generateChallenge(32, encPubKey);
await registerUserClientChallenge(userId, clientId, answer.toString("base64"), ip, expiresAt());
return challenge.toString("base64");
};
@@ -80,7 +72,7 @@ export const registerUserClient = async (
clientId = await createClient(encPubKey, sigPubKey, userId);
}
return { challenge: await generateChallenge(userId, ip, clientId, encPubKey) };
return { challenge: await createUserClientChallenge(userId, ip, clientId, encPubKey) };
};
export const getUserClientStatus = async (userId: number, clientId: number) => {
@@ -115,5 +107,7 @@ export const verifyUserClient = async (
error(401, "Invalid challenge answer signature");
}
// TODO: Replay attack prevention
await setUserClientStateToPending(userId, challenge.clientId);
};
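Review bot: The `// TODO: Replay attack prevention` left directly above `setUserClientStateToPending` means a signed challenge answer stays valid until the stored row expires, so anyone who captures one successful verify request can replay it within `env.challenge.userClientExp` and re-promote the client to pending. The challenge row obtained via `getUserClientChallenge` should be consumed in the same step as the state change — delete it (or mark it used) before `setUserClientStateToPending`, ideally in one transaction so two concurrent requests cannot both pass the lookup, e.g. `await deleteUserClientChallenge(challenge.id);` if the db module exposes such a helper (or add one). It would also be worth confirming, in the part of verifyUserClient that lies outside this hunk, that the persisted `expiresAt` is enforced and that the stored `ip` is compared against the requesting IP, since both are written at creation but neither check is visible here. verifyUserClient's signature and most of its body are outside the hunk.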