diff --git a/src/lib/server/db/file.ts b/src/lib/server/db/file.ts
index a693f48..e5285dc 100644
--- a/src/lib/server/db/file.ts
+++ b/src/lib/server/db/file.ts
@@ -9,7 +9,6 @@ export interface NewDirectroyParams {
 parentId: DirectroyId;
 mekVersion: number;
 encDek: string;
- encDekIv: string;
 encName: string;
 encNameIv: string;
 }
@@ -30,7 +29,7 @@ export const registerNewDirectory = async (params: NewDirectroyParams) => {
 parentId: params.parentId === "root" ? null : params.parentId,
 userId: params.userId,
 mekVersion: params.mekVersion,
- encDek: { ciphertext: params.encDek, iv: params.encDekIv },
+ encDek: params.encDek,
 encryptedAt: now,
 encName: { ciphertext: params.encName, iv: params.encNameIv },
 });
diff --git a/src/lib/server/db/schema/file.ts b/src/lib/server/db/schema/file.ts
index f56e294..b5c41fd 100644
--- a/src/lib/server/db/schema/file.ts
+++ b/src/lib/server/db/schema/file.ts
@@ -4,8 +4,8 @@ import { user } from "./user";
 const ciphertext = (name: string) =>
 text(name, { mode: "json" }).$type<{
- ciphertext: string;
- iv: string;
+ ciphertext: string; // Base64
+ iv: string; // Base64
 }>();
 export const directory = sqliteTable(
@@ -18,7 +18,7 @@ export const directory = sqliteTable(
 .notNull()
 .references(() => user.id),
 mekVersion: integer("master_encryption_key_version").notNull(),
- encDek: ciphertext("encrypted_data_encryption_key").notNull().unique(),
+ encDek: text("encrypted_data_encryption_key").notNull().unique(), // Base64
 encryptedAt: integer("encrypted_at", { mode: "timestamp_ms" }).notNull(),
 encName: ciphertext("encrypted_name").notNull(),
 },
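Review bot: Rows already stored in `encrypted_data_encryption_key` hold the old JSON object (`{ ciphertext, iv }`), and nothing in this diff converts them when the `directory` column in `src/lib/server/db/schema/file.ts` (`@@ -18,7 +18,7 @@`) becomes a plain `text(...)`; the `file` table hunk at `@@ -45,7 +45,7 @@` has the same gap. Such rows would be read back as raw JSON strings, and the new `dek: metadata.encDek` mapping in `src/routes/api/directory/[id]/+server.ts` would then fail the `z.string().base64()` check in `directroyInfoResponse.parse`, unless a migration exists outside this diff. I would ship a data migration with this change, or state in the commit message that no pre-existing rows need converting. The trailing `// Base64` comment could also say what the string now contains, e.g. `// Base64 of the wrapped DEK; no separate IV (wrapping mode: TODO confirm)`. Both `sqliteTable(...)` definitions start and end outside their hunks.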
@@ -45,7 +45,7 @@ export const file = sqliteTable(
 .notNull()
 .references(() => user.id),
 mekVersion: integer("master_encryption_key_version").notNull(),
- encDek: ciphertext("encrypted_data_encryption_key").notNull().unique(),
+ encDek: text("encrypted_data_encryption_key").notNull().unique(), // Base64
 encryptedAt: integer("encrypted_at", { mode: "timestamp_ms" }).notNull(),
 encName: ciphertext("encrypted_name").notNull(),
 },
diff --git a/src/lib/server/schemas/directory.ts b/src/lib/server/schemas/directory.ts
index 1c2f6c1..b4594c9 100644
--- a/src/lib/server/schemas/directory.ts
+++ b/src/lib/server/schemas/directory.ts
@@ -1,12 +1,11 @@
 import { z } from "zod";
-export const directroyEntriesResponse = z.object({
+export const directroyInfoResponse = z.object({
 metadata: z
 .object({
 createdAt: z.date(),
 mekVersion: z.number().int().positive(),
 dek: z.string().base64().nonempty(),
- dekIv: z.string().base64().nonempty(),
 name: z.string().base64().nonempty(),
 nameIv: z.string().base64().nonempty(),
 })
@@ -14,13 +13,12 @@ export const directroyEntriesResponse = z.object({
 subDirectories: z.number().int().positive().array(),
 files: z.number().int().positive().array(),
 });
-export type DirectroyEntriesResponse = z.infer;
+export type DirectroyInfoResponse = z.infer;
 export const directoryCreateRequest = z.object({
 parentId: z.union([z.enum(["root"]), z.number().int().positive()]),
 mekVersion: z.number().int().positive(),
 dek: z.string().base64().nonempty(),
- dekIv: z.string().base64().nonempty(),
 name: z.string().base64().nonempty(),
 nameIv: z.string().base64().nonempty(),
 });
diff --git a/src/lib/server/services/client.ts b/src/lib/server/services/client.ts
index 004ef1a..9291d6b 100644
--- a/src/lib/server/services/client.ts
+++ b/src/lib/server/services/client.ts
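Review bot: With `dekIv` removed from `directoryCreateRequest` (`@@ -14,13 +13,12 @@` in `src/lib/server/schemas/directory.ts`), `dek` is the only carrier of the wrapped key, and it is validated only as non-empty Base64 with no upper bound before being written to a unique-indexed column. If the wrapped DEK has a fixed or maximum size under the wrapping scheme (not visible in this diff), pin it in the schema, e.g. `dek: z.string().base64().nonempty().max(MAX_WRAPPED_DEK_B64_LEN)`, where `MAX_WRAPPED_DEK_B64_LEN` is a placeholder for the real length. A one-line comment on the field should also say how the IV is conveyed now, whether embedded in the blob or not needed by the wrapping mode.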
@@ -22,7 +22,7 @@ export const getUserClientList = async (userId: number) => {
 return {
 userClients: userClients.map(({ clientId, state }) => ({
 id: clientId,
- state,
+ state: state as "pending" | "active",
 })),
 };
 };
@@ -83,7 +83,7 @@ export const getUserClientStatus = async (userId: number, clientId: number) => {
 }
 return {
- state: userClient.state,
+ state: userClient.state as "pending" | "active",
 isInitialMekNeeded: await isInitialMekNeeded(userId),
 };
 };
diff --git a/src/lib/server/services/mek.ts b/src/lib/server/services/mek.ts
index 94babfe..95caef9 100644
--- a/src/lib/server/services/mek.ts
+++ b/src/lib/server/services/mek.ts
@@ -8,7 +8,7 @@ export const getClientMekList = async (userId: number, clientId: number) => {
 return {
 encMeks: clientMeks.map((clientMek) => ({
 version: clientMek.master_encryption_key.version,
- state: clientMek.master_encryption_key.state,
+ state: clientMek.master_encryption_key.state as "active" | "retired",
 encMek: clientMek.client_master_encryption_key.encMek,
 encMekSig: clientMek.client_master_encryption_key.encMekSig,
 })),
diff --git a/src/routes/api/auth/upgradeToken/+server.ts b/src/routes/api/auth/upgradeToken/+server.ts
index 99b987d..0436f22 100644
--- a/src/routes/api/auth/upgradeToken/+server.ts
+++ b/src/routes/api/auth/upgradeToken/+server.ts
@@ -1,5 +1,9 @@
 import { error, json } from "@sveltejs/kit";
-import { tokenUpgradeRequest, tokenUpgradeResponse } from "$lib/server/schemas/auth";
+import {
+ tokenUpgradeRequest,
+ tokenUpgradeResponse,
+ type TokenUpgradeResponse,
+} from "$lib/server/schemas/auth";
 import { createTokenUpgradeChallenge } from "$lib/server/services/auth";
 import type { RequestHandler } from "./$types";
@@ -17,5 +21,5 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress
 encPubKey,
 sigPubKey,
 );
- return json(tokenUpgradeResponse.parse({ challenge }));
+ return json(tokenUpgradeResponse.parse({ challenge } satisfies TokenUpgradeResponse));
 };
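Review bot: The `state as "pending" | "active"` assertion in `getUserClientList` (`src/lib/server/services/client.ts`) is unchecked, so the `satisfies ClientListResponse` added in the route handler is met by the cast rather than by the column's real type. The same applies to `getUserClientStatus` in that file and to `state as "active" | "retired"` in `getClientMekList` (`src/lib/server/services/mek.ts`). If a column can hold any other value (the table definitions are not in this diff), the code still type-checks and only the runtime `parse` call rejects it. Prefer typing the column at its definition, for instance with `.$type<"pending" | "active">()` as the `ciphertext` helper already does, or narrowing with an explicit runtime check in the service. All three function bodies start outside their hunks.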
diff --git a/src/routes/api/client/list/+server.ts b/src/routes/api/client/list/+server.ts
index f16124c..72f09d8 100644
--- a/src/routes/api/client/list/+server.ts
+++ b/src/routes/api/client/list/+server.ts
@@ -1,11 +1,11 @@
 import { json } from "@sveltejs/kit";
 import { authenticate } from "$lib/server/modules/auth";
-import { clientListResponse } from "$lib/server/schemas/client";
+import { clientListResponse, type ClientListResponse } from "$lib/server/schemas/client";
 import { getUserClientList } from "$lib/server/services/client";
 import type { RequestHandler } from "@sveltejs/kit";
 export const GET: RequestHandler = async ({ cookies }) => {
 const { userId } = authenticate(cookies);
 const { userClients } = await getUserClientList(userId);
- return json(clientListResponse.parse({ clients: userClients }));
+ return json(clientListResponse.parse({ clients: userClients } satisfies ClientListResponse));
 };
diff --git a/src/routes/api/client/register/+server.ts b/src/routes/api/client/register/+server.ts
index 474995c..3a9f884 100644
--- a/src/routes/api/client/register/+server.ts
+++ b/src/routes/api/client/register/+server.ts
@@ -1,6 +1,10 @@
 import { error, json } from "@sveltejs/kit";
 import { authenticate } from "$lib/server/modules/auth";
-import { clientRegisterRequest, clientRegisterResponse } from "$lib/server/schemas/client";
+import {
+ clientRegisterRequest,
+ clientRegisterResponse,
+ type ClientRegisterResponse,
+} from "$lib/server/schemas/client";
 import { registerUserClient } from "$lib/server/services/client";
 import type { RequestHandler } from "./$types";
@@ -15,5 +19,5 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress
 const { encPubKey, sigPubKey } = zodRes.data;
 const { challenge } = await registerUserClient(userId, getClientAddress(), encPubKey, sigPubKey);
- return json(clientRegisterResponse.parse({ challenge }));
+ return json(clientRegisterResponse.parse({ challenge } satisfies ClientRegisterResponse));
 };
diff --git a/src/routes/api/client/status/+server.ts b/src/routes/api/client/status/+server.ts
index 8bd7616..1eed893 100644
--- a/src/routes/api/client/status/+server.ts
+++ b/src/routes/api/client/status/+server.ts
@@ -1,6 +1,6 @@
 import { error, json } from "@sveltejs/kit";
 import { authenticate } from "$lib/server/modules/auth";
-import { clientStatusResponse } from "$lib/server/schemas/client";
+import { clientStatusResponse, type ClientStatusResponse } from "$lib/server/schemas/client";
 import { getUserClientStatus } from "$lib/server/services/client";
 import type { RequestHandler } from "@sveltejs/kit";
@@ -11,5 +11,11 @@ export const GET: RequestHandler = async ({ cookies }) => {
 }
 const { state, isInitialMekNeeded } = await getUserClientStatus(userId, clientId);
- return json(clientStatusResponse.parse({ id: clientId, state, isInitialMekNeeded }));
+ return json(
+ clientStatusResponse.parse({
+ id: clientId,
+ state,
+ isInitialMekNeeded,
+ } satisfies ClientStatusResponse),
+ );
 };
diff --git a/src/routes/api/directory/[id]/+server.ts b/src/routes/api/directory/[id]/+server.ts
index 2a68763..361d4dd 100644
--- a/src/routes/api/directory/[id]/+server.ts
+++ b/src/routes/api/directory/[id]/+server.ts
@@ -1,7 +1,7 @@
 import { error, json } from "@sveltejs/kit";
 import { z } from "zod";
 import { authorize } from "$lib/server/modules/auth";
-import { directroyEntriesResponse } from "$lib/server/schemas/directory";
+import { directroyInfoResponse, type DirectroyInfoResponse } from "$lib/server/schemas/directory";
 import { getDirectroyInformation } from "$lib/server/services/file";
 import type { RequestHandler } from "./$types";
@@ -18,17 +18,16 @@ export const GET: RequestHandler = async ({ cookies, params }) => {
 const { metadata, directories, files } = await getDirectroyInformation(userId, id);
 return json(
- directroyEntriesResponse.parse({
+ directroyInfoResponse.parse({
 metadata: metadata && {
 createdAt: metadata.createdAt,
 mekVersion: metadata.mekVersion,
- dek: metadata.encDek.ciphertext,
- dekIv: metadata.encDek.iv,
+ dek: metadata.encDek,
 name: metadata.encName.ciphertext,
 nameIv: metadata.encName.iv,
 },
 subDirectories: directories,
 files,
- }),
+ } satisfies DirectroyInfoResponse),
 );
 };
diff --git a/src/routes/api/directory/create/+server.ts b/src/routes/api/directory/create/+server.ts
index 86db802..fd7ae7d 100644
--- a/src/routes/api/directory/create/+server.ts
+++ b/src/routes/api/directory/create/+server.ts
@@ -7,7 +7,7 @@ import type { RequestHandler } from "./$types";
 export const POST: RequestHandler = async ({ request, cookies }) => {
 const { userId, clientId } = await authorize(cookies, "activeClient");
- const { parentId, mekVersion, dek, dekIv, name, nameIv } = await parseSignedRequest(
+ const { parentId, mekVersion, dek, name, nameIv } = await parseSignedRequest(
 clientId,
 await request.json(),
 directoryCreateRequest,
@@ -18,7 +18,6 @@ export const POST: RequestHandler = async ({ request, cookies }) => {
 parentId,
 mekVersion,
 encDek: dek,
- encDekIv: dekIv,
 encName: name,
 encNameIv: nameIv,
 });
diff --git a/src/routes/api/mek/list/+server.ts b/src/routes/api/mek/list/+server.ts
index 6fcc9f6..3effea3 100644
--- a/src/routes/api/mek/list/+server.ts
+++ b/src/routes/api/mek/list/+server.ts
@@ -1,6 +1,6 @@
 import { json } from "@sveltejs/kit";
 import { authorize } from "$lib/server/modules/auth";
-import { masterKeyListResponse } from "$lib/server/schemas/mek";
+import { masterKeyListResponse, type MasterKeyListResponse } from "$lib/server/schemas/mek";
 import { getClientMekList } from "$lib/server/services/mek";
 import type { RequestHandler } from "./$types";
@@ -15,6 +15,6 @@ export const GET: RequestHandler = async ({ cookies }) => {
 mek: encMek,
 mekSig: encMekSig,
 })),
- }),
+ } satisfies MasterKeyListResponse),
 );
 };