암호 관련 모듈 리팩토링

src/lib/indexedDB.ts

@@ -45,7 +45,7 @@ export const storeClientKey = async (key: CryptoKey, usage: ClientKeyUsage) => {
       if (key.type !== "private") {
         throw new Error("Private key required");
       } else if (key.extractable) {
-        throw new Error("Private key must be non-extractable");
+        throw new Error("Private key must be nonextractable");
       }
       break;
   }
@@ -58,7 +58,7 @@ export const getMasterKeys = async () => {
 
 export const storeMasterKeys = async (keys: MasterKey[]) => {
   if (keys.some(({ key }) => key.extractable)) {
-    throw new Error("Master keys must be non-extractable");
+    throw new Error("Master keys must be nonextractable");
   }
   await keyStore.masterKey.bulkPut(keys);
 };

src/lib/modules/crypto/aes.ts

@@ -27,14 +27,10 @@ export const generateDataKey = async () => {
   };
 };
 
-const exportAESKey = async (key: CryptoKey) => {
-  return await window.crypto.subtle.exportKey("raw", key);
-};
-
 export const makeAESKeyNonextractable = async (key: CryptoKey) => {
   return await window.crypto.subtle.importKey(
     "raw",
-    await exportAESKey(key),
+    await window.crypto.subtle.exportKey("raw", key),
     key.algorithm,
     false,
     key.usages,
@@ -53,7 +49,7 @@ export const unwrapDataKey = async (dataKeyWrapped: string, masterKey: CryptoKey
       masterKey,
       "AES-KW",
       "AES-GCM",
-      false, // Non-extractable
+      false, // Nonextractable
       ["encrypt", "decrypt"],
     ),
   };

src/lib/modules/crypto/rsa.ts

@@ -1,4 +1,4 @@
-import { encodeToBase64, decodeFromBase64 } from "./util";
+import { encodeString, encodeToBase64, decodeFromBase64 } from "./util";
 
 export const generateEncryptionKeyPair = async () => {
   const keyPair = await window.crypto.subtle.generateKey(
@@ -123,21 +123,20 @@ export const verifySignature = async (
 };
 
 export const signMasterKeyWrapped = async (
-  masterKeyVersion: number,
   masterKeyWrapped: string,
+  masterKeyVersion: number,
   signKey: CryptoKey,
 ) => {
   const serialized = JSON.stringify({
     version: masterKeyVersion,
     key: masterKeyWrapped,
   });
-  const serializedBuffer = new TextEncoder().encode(serialized);
-  return encodeToBase64(await signMessage(serializedBuffer, signKey));
+  return encodeToBase64(await signMessage(encodeString(serialized), signKey));
 };
 
 export const verifyMasterKeyWrapped = async (
-  masterKeyVersion: number,
   masterKeyWrapped: string,
+  masterKeyVersion: number,
   masterKeyWrappedSig: string,
   verifyKey: CryptoKey,
 ) => {
@@ -145,6 +144,9 @@ export const verifyMasterKeyWrapped = async (
     version: masterKeyVersion,
     key: masterKeyWrapped,
   });
-  const serializedBuffer = new TextEncoder().encode(serialized);
-  return await verifySignature(serializedBuffer, decodeFromBase64(masterKeyWrappedSig), verifyKey);
+  return await verifySignature(
+    encodeString(serialized),
+    decodeFromBase64(masterKeyWrappedSig),
+    verifyKey,
+  );
 };

src/lib/services/key.ts

@@ -52,8 +52,8 @@ export const requestMasterKeyDownload = async (decryptKey: CryptoKey, verifyKey:
           state,
           masterKey,
           isValid: await verifyMasterKeyWrapped(
-            version,
             masterKeyWrapped,
+            version,
             masterKeyWrappedSig,
             verifyKey,
           ),

src/routes/(fullscreen)/key/export/service.ts

@@ -48,7 +48,7 @@ export const requestInitialMasterKeyRegistration = async (
 ) => {
   const res = await callPostApi<InitialMasterKeyRegisterRequest>("/api/mek/register/initial", {
     mek: masterKeyWrapped,
-    mekSig: await signMasterKeyWrapped(1, masterKeyWrapped, signKey),
+    mekSig: await signMasterKeyWrapped(masterKeyWrapped, 1, signKey),
   });
   return res.ok || res.status === 409;
 };