RSA 키 페어 생성 구현

src/lib/index.ts

@@ -1 +0,0 @@
-// place files you want to import through the `$lib` alias in this folder.

src/lib/indexedDB.ts

@@ -0,0 +1,30 @@
+import { Dexie, type EntityTable } from "dexie";
+
+interface ClientKeyPair {
+  type: "publicKey" | "privateKey";
+  key: CryptoKey;
+}
+
+const keyStore = new Dexie("keyStore") as Dexie & {
+  clientKeyPairs: EntityTable<ClientKeyPair, "type">;
+};
+
+keyStore.version(1).stores({
+  clientKeyPairs: "type",
+});
+
+export const getKeyPairFromIndexedDB = async () => {
+  const pubKey = await keyStore.clientKeyPairs.get("publicKey");
+  const privKey = await keyStore.clientKeyPairs.get("privateKey");
+  return {
+    pubKey: pubKey?.key ?? null,
+    privKey: privKey?.key ?? null,
+  };
+};
+
+export const storeKeyPairIntoIndexedDB = async (pubKey: CryptoKey, privKey: CryptoKey) => {
+  await keyStore.clientKeyPairs.bulkPut([
+    { type: "publicKey", key: pubKey },
+    { type: "privateKey", key: privKey },
+  ]);
+};

src/routes/(fullscreen)/auth/generateKey/service.ts

@@ -0,0 +1,57 @@
+import { storeKeyPairIntoIndexedDB } from "$lib/indexedDB";
+
+type KeyType = "public" | "private";
+
+const generateRSAKeyPair = async () => {
+  const keyPair = await window.crypto.subtle.generateKey(
+    {
+      name: "RSA-OAEP",
+      modulusLength: 4096,
+      publicExponent: new Uint8Array([1, 0, 1]),
+      hash: "SHA-256",
+    } satisfies RsaHashedKeyGenParams,
+    true,
+    ["encrypt", "decrypt"],
+  );
+  return keyPair;
+};
+
+const exportKeyAsPem = async (key: CryptoKey, type: KeyType) => {
+  const exportedKey = await window.crypto.subtle.exportKey(
+    type === "public" ? "spki" : "pkcs8",
+    key,
+  );
+  const exportedKeyBase64 = btoa(String.fromCharCode(...new Uint8Array(exportedKey)))
+    .match(/.{1,64}/g)!
+    .join("\n");
+
+  const pemHeader = type === "public" ? "PUBLIC" : "PRIVATE";
+  const pem = `-----BEGIN ${pemHeader} KEY-----\n${exportedKeyBase64}\n-----END ${pemHeader} KEY-----\n`;
+  return pem;
+};
+
+const makeRSAKeyNonextractable = async (key: CryptoKey, type: KeyType) => {
+  const format = type === "public" ? "spki" : "pkcs8";
+  const keyUsage = type === "public" ? "encrypt" : "decrypt";
+  return await window.crypto.subtle.importKey(
+    format,
+    await window.crypto.subtle.exportKey(format, key),
+    {
+      name: "RSA-OAEP",
+      hash: "SHA-256",
+    } satisfies RsaHashedImportParams,
+    false,
+    [keyUsage],
+  );
+};
+
+export const generateKeyPair = async () => {
+  const keyPair = await generateRSAKeyPair();
+
+  const privKeySecure = await makeRSAKeyNonextractable(keyPair.privateKey, "private");
+  await storeKeyPairIntoIndexedDB(keyPair.publicKey, privKeySecure);
+
+  const pubKeyPem = await exportKeyAsPem(keyPair.publicKey, "public");
+  const privKeyPem = await exportKeyAsPem(keyPair.privateKey, "private");
+  return { pubKeyPem, privKeyPem };
+};