From db900d8038b7060ffe5bcaf651a014ad71149c08 Mon Sep 17 00:00:00 2001
From: static
Date: Wed, 8 Jan 2025 20:05:50 +0900
Subject: [PATCH] =?UTF-8?q?=EC=95=94=ED=98=B8=20=EA=B4=80=EB=A0=A8=20?= =?UTF-8?q?=EB=AA=A8=EB=93=88=20=EB=A6=AC=ED=8C=A9=ED=86=A0=EB=A7=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/lib/indexedDB.ts | 4 ++--
 src/lib/modules/crypto/aes.ts | 8 ++------
 src/lib/modules/crypto/rsa.ts | 16 +++++++++-------
 src/lib/services/key.ts | 2 +-
 src/routes/(fullscreen)/key/export/service.ts | 2 +-
 5 files changed, 15 insertions(+), 17 deletions(-)
diff --git a/src/lib/indexedDB.ts b/src/lib/indexedDB.ts
index ff4660b..b2fbd22 100644
--- a/src/lib/indexedDB.ts
+++ b/src/lib/indexedDB.ts
@@ -45,7 +45,7 @@ export const storeClientKey = async (key: CryptoKey, usage: ClientKeyUsage) => {
 if (key.type !== "private") {
 throw new Error("Private key required");
 } else if (key.extractable) {
- throw new Error("Private key must be non-extractable");
+ throw new Error("Private key must be nonextractable");
 }
 break;
 }
@@ -58,7 +58,7 @@ export const getMasterKeys = async () => {

 export const storeMasterKeys = async (keys: MasterKey[]) => {
 if (keys.some(({ key }) => key.extractable)) {
- throw new Error("Master keys must be non-extractable");
+ throw new Error("Master keys must be nonextractable");
 }
 await keyStore.masterKey.bulkPut(keys);
 };
diff --git a/src/lib/modules/crypto/aes.ts b/src/lib/modules/crypto/aes.ts
index ccf982f..df04851 100644
--- a/src/lib/modules/crypto/aes.ts
+++ b/src/lib/modules/crypto/aes.ts
@@ -27,14 +27,10 @@ export const generateDataKey = async () => {
 };
 };

-const exportAESKey = async (key: CryptoKey) => {
- return await window.crypto.subtle.exportKey("raw", key);
-};
-
 export const makeAESKeyNonextractable = async (key: CryptoKey) => {
 return await window.crypto.subtle.importKey(
 "raw",
- await exportAESKey(key),
+ await window.crypto.subtle.exportKey("raw", key),
 key.algorithm,
 false,
 key.usages,
@@ -53,7 +49,7 @@ export const unwrapDataKey = async (dataKeyWrapped: string, masterKey: CryptoKey
 masterKey,
 "AES-KW",
 "AES-GCM",
- false, // Non-extractable
+ false, // Nonextractable
 ["encrypt", "decrypt"],
 ),
 };
diff --git a/src/lib/modules/crypto/rsa.ts b/src/lib/modules/crypto/rsa.ts
index c4a7be5..9eb81c0 100644
--- a/src/lib/modules/crypto/rsa.ts
+++ b/src/lib/modules/crypto/rsa.ts
@@ -1,4 +1,4 @@
-import { encodeToBase64, decodeFromBase64 } from "./util";
+import { encodeString, encodeToBase64, decodeFromBase64 } from "./util";

 export const generateEncryptionKeyPair = async () => {
 const keyPair = await window.crypto.subtle.generateKey(
@@ -123,21 +123,20 @@ export const verifySignature = async (
 };

 export const signMasterKeyWrapped = async (
- masterKeyVersion: number,
 masterKeyWrapped: string,
+ masterKeyVersion: number,
 signKey: CryptoKey,
 ) => {
 const serialized = JSON.stringify({
 version: masterKeyVersion,
 key: masterKeyWrapped,
 });
- const serializedBuffer = new TextEncoder().encode(serialized);
- return encodeToBase64(await signMessage(serializedBuffer, signKey));
+ return encodeToBase64(await signMessage(encodeString(serialized), signKey));
 };

 export const verifyMasterKeyWrapped = async (
- masterKeyVersion: number,
 masterKeyWrapped: string,
+ masterKeyVersion: number,
 masterKeyWrappedSig: string,
 verifyKey: CryptoKey,
 ) => {
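Review bot: In `makeAESKeyNonextractable` (src/lib/modules/crypto/aes.ts) the raw key bytes returned by `exportKey("raw", key)` now sit in an anonymous ArrayBuffer that is never cleared, so the secret stays in page memory until it is garbage-collected. Holding the buffer in a local and zero-filling it in a `finally` once `importKey` has settled narrows that window; this is best-effort only, since JavaScript gives no guarantee that no other copy exists. The extractable original `key` also remains usable after the call, so a doc comment should tell callers to drop their reference to it, and should mention that the call rejects when `key` is already non-extractable. The function's closing lines are outside the hunk.

```typescript
export const makeAESKeyNonextractable = async (key: CryptoKey) => {
  const rawKey = await window.crypto.subtle.exportKey("raw", key);
  try {
    return await window.crypto.subtle.importKey("raw", rawKey, key.algorithm, false, key.usages);
  } finally {
    // Best-effort wipe of the exported key bytes once importKey has taken its copy.
    new Uint8Array(rawKey).fill(0);
  }
```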
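Review bot: `signMasterKeyWrapped` and `verifyMasterKeyWrapped` in src/lib/modules/crypto/rsa.ts each build the signed payload from their own `JSON.stringify({ version, key })` literal, so the two copies can drift: a renamed or reordered property changes the signed bytes, and every stored signature would then fail to verify. This commit already touches both bodies (this hunk and the `@@ -145,6 +144,9 @@` hunk), so one private helper would keep them in lockstep, for example `const serializeMasterKeyWrapped = (masterKeyWrapped: string, masterKeyVersion: number) => encodeString(JSON.stringify({ version: masterKeyVersion, key: masterKeyWrapped }));`. A comment on that helper should state that the property names and their order are part of the signature format and must not change. `verifyMasterKeyWrapped` continues outside this hunk.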
@@ -145,6 +144,9 @@ export const verifyMasterKeyWrapped = async (
 version: masterKeyVersion,
 key: masterKeyWrapped,
 });
- const serializedBuffer = new TextEncoder().encode(serialized);
- return await verifySignature(serializedBuffer, decodeFromBase64(masterKeyWrappedSig), verifyKey);
+ return await verifySignature(
+ encodeString(serialized),
+ decodeFromBase64(masterKeyWrappedSig),
+ verifyKey,
+ );
 };
diff --git a/src/lib/services/key.ts b/src/lib/services/key.ts
index 335df73..5a2c620 100644
--- a/src/lib/services/key.ts
+++ b/src/lib/services/key.ts
@@ -52,8 +52,8 @@ export const requestMasterKeyDownload = async (decryptKey: CryptoKey, verifyKey:
 state,
 masterKey,
 isValid: await verifyMasterKeyWrapped(
- version,
 masterKeyWrapped,
+ version,
 masterKeyWrappedSig,
 verifyKey,
 ),
diff --git a/src/routes/(fullscreen)/key/export/service.ts b/src/routes/(fullscreen)/key/export/service.ts
index a96b4be..8a59f94 100644
--- a/src/routes/(fullscreen)/key/export/service.ts
+++ b/src/routes/(fullscreen)/key/export/service.ts
@@ -48,7 +48,7 @@ export const requestInitialMasterKeyRegistration = async (
 ) => {
 const res = await callPostApi("/api/mek/register/initial", {
 mek: masterKeyWrapped,
- mekSig: await signMasterKeyWrapped(1, masterKeyWrapped, signKey),
+ mekSig: await signMasterKeyWrapped(masterKeyWrapped, 1, signKey),
 });
 return res.ok || res.status === 409;
 };
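Review bot: In `requestMasterKeyDownload` (src/lib/services/key.ts) each returned entry carries `masterKey` next to `isValid`, so a key whose wrapped form failed signature verification is still handed to the caller. Whether every caller checks `isValid` before storing or using the key is not visible here; if that is the contract, a comment on the entry would make it explicit: `// isValid === false: the signature over the wrapped key did not verify; do not store or use masterKey`. The enclosing function starts and ends outside the hunk, so whether `masterKey` is unwrapped before or after verification should be confirmed there.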
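Review bot: The bare `1` passed to `signMasterKeyWrapped` in `requestInitialMasterKeyRegistration` (src/routes/(fullscreen)/key/export/service.ts) is the version that gets bound into the signature, and after the parameter reorder it sits between two other arguments with nothing naming it. A named constant such as `const INITIAL_MASTER_KEY_VERSION = 1;` would document that and keep the value in one place. The `res.status === 409` branch in the same function also reports success although the server did not accept this `mek`/`mekSig` pair; a comment explaining why a conflict is safe to treat as registered would help, since the reason is not visible in the hunk.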