mirror of
https://github.com/kmc7468/arkvault.git
synced 2025-12-14 22:08:45 +00:00
39 lines
1.3 KiB
TypeScript
39 lines
1.3 KiB
TypeScript
import { error } from "@sveltejs/kit";
|
|
import { setUserClientStateToActive } from "$lib/server/db/client";
|
|
import { IntegrityError } from "$lib/server/db/error";
|
|
import { registerInitialMek, getAllValidClientMeks } from "$lib/server/db/mek";
|
|
import { verifyClientEncMekSig } from "$lib/server/modules/mek";
|
|
|
|
export const getClientMekList = async (userId: number, clientId: number) => {
|
|
const clientMeks = await getAllValidClientMeks(userId, clientId);
|
|
return {
|
|
encMeks: clientMeks.map((clientMek) => ({
|
|
version: clientMek.master_encryption_key.version,
|
|
state: clientMek.master_encryption_key.state as "active" | "retired",
|
|
encMek: clientMek.client_master_encryption_key.encMek,
|
|
encMekSig: clientMek.client_master_encryption_key.encMekSig,
|
|
})),
|
|
};
|
|
};
|
|
|
|
export const registerInitialActiveMek = async (
|
|
userId: number,
|
|
createdBy: number,
|
|
encMek: string,
|
|
encMekSig: string,
|
|
) => {
|
|
if (!(await verifyClientEncMekSig(userId, createdBy, 1, encMek, encMekSig))) {
|
|
error(400, "Invalid signature");
|
|
}
|
|
|
|
try {
|
|
await registerInitialMek(userId, createdBy, encMek, encMekSig);
|
|
await setUserClientStateToActive(userId, createdBy);
|
|
} catch (e) {
|
|
if (e instanceof IntegrityError && e.message === "MEK already registered") {
|
|
error(409, "Initial MEK already registered");
|
|
}
|
|
throw e;
|
|
}
|
|
};
|