클라이언트 승인 대기 페이지 구현

2025-12-16 15:08:46 +00:00 · 2024-12-31 21:58:13 +09:00
parent ccad4fbd8b
commit e5cbd46b35
13 changed files with 243 additions and 59 deletions
--- a/src/routes/(fullscreen)/key/generate/+page.svelte
+++ b/src/routes/(fullscreen)/key/generate/+page.svelte
@@ -5,7 +5,7 @@
  import { gotoStateful } from "$lib/hooks";
  import { clientKeyStore } from "$lib/stores";
  import Order from "./Order.svelte";
-  import { generateClientKeys, generateMekDraft } from "./service";
+  import { generateClientKeys, generateInitialMasterKey } from "./service";

  import IconKey from "~icons/material-symbols/key";

@@ -34,13 +34,13 @@
  const generate = async () => {
    // TODO: Loading indicator

-    const clientKeys = await generateClientKeys();
-    const { mekDraft } = await generateMekDraft();
+    const { encryptKey, ...clientKeys } = await generateClientKeys();
+    const { masterKeyWrapped } = await generateInitialMasterKey(encryptKey);

    await gotoStateful("/key/export", {
      ...clientKeys,
      redirectPath: data.redirectPath,
-      mekDraft,
+      masterKeyWrapped,
    });
  };

--- a/src/routes/(fullscreen)/key/generate/service.ts
+++ b/src/routes/(fullscreen)/key/generate/service.ts
@@ -4,9 +4,9 @@ import {
  exportRSAKeyToBase64,
  generateAESKey,
  makeAESKeyNonextractable,
-  exportAESKey,
+  wrapAESKeyUsingRSA,
 } from "$lib/modules/crypto";
-import { clientKeyStore, mekStore } from "$lib/stores";
+import { clientKeyStore } from "$lib/stores";

 export const generateClientKeys = async () => {
  const encKeyPair = await generateRSAKeyPair("encryption");
@@ -20,6 +20,7 @@ export const generateClientKeys = async () => {
  });

  return {
+    encryptKey: encKeyPair.publicKey,
    encryptKeyBase64: await exportRSAKeyToBase64(encKeyPair.publicKey),
    decryptKeyBase64: await exportRSAKeyToBase64(encKeyPair.privateKey),
    signKeyBase64: await exportRSAKeyToBase64(sigKeyPair.privateKey),
@@ -27,16 +28,10 @@ export const generateClientKeys = async () => {
  };
 };

-export const generateMekDraft = async () => {
-  const mek = await generateAESKey();
-  const mekSecured = await makeAESKeyNonextractable(mek);
-
-  mekStore.update((meks) => {
-    meks.set(0, mekSecured);
-    return meks;
-  });
-
+export const generateInitialMasterKey = async (encryptKey: CryptoKey) => {
+  const masterKey = await generateAESKey();
  return {
-    mekDraft: await exportAESKey(mek),
+    masterKey: await makeAESKeyNonextractable(masterKey),
+    masterKeyWrapped: await wrapAESKeyUsingRSA(masterKey, encryptKey),
  };
 };