Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
hjw
/
myapp
1
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Haara: master
Haarat Tagit
myapp
/
node_modules
/
@sigstore
/
sign
/
dist
/
bundler
/
base.js

base.js 2.2 KB
Pysyvä linkki Historia Raaka

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 
  1. "use strict";
    2. 

  2. Object.defineProperty(exports, "__esModule", { value: true });
    3. 

  3. exports.BaseBundleBuilder = void 0;
    4. 

  4. // BaseBundleBuilder is a base class for BundleBuilder implementations. It
    5. 

  5. // provides a the basic wokflow for signing and witnessing an artifact.
    6. 

  6. // Subclasses must implement the `package` method to assemble a valid bundle
    7. 

  7. // with the generated signature and verification material.
    8. 

  8. class BaseBundleBuilder {
    9. 

  9.     constructor(options) {
    10. 

  10.         this.signer = options.signer;
    11. 

  11.         this.witnesses = options.witnesses;
    12. 

  12.     }
    13. 

  13.     // Executes the signing/witnessing process for the given artifact.
    14. 

  14.     async create(artifact) {
    15. 

  15.         const signature = await this.prepare(artifact).then((blob) => this.signer.sign(blob));
    16. 

  16.         const bundle = await this.package(artifact, signature);
    17. 

  17.         // Invoke all of the witnesses in parallel
    18. 

  18.         const verificationMaterials = await Promise.all(this.witnesses.map((witness) => witness.testify(bundle.content, publicKey(signature.key))));
    19. 

  19.         // Collect the verification material from all of the witnesses
    20. 

  20.         const tlogEntryList = [];
    21. 

  21.         const timestampList = [];
    22. 

  22.         verificationMaterials.forEach(({ tlogEntries, rfc3161Timestamps }) => {
    23. 

  23.             tlogEntryList.push(...(tlogEntries ?? []));
    24. 

  24.             timestampList.push(...(rfc3161Timestamps ?? []));
    25. 

  25.         });
    26. 

  26.         // Merge the collected verification material into the bundle
    27. 

  27.         bundle.verificationMaterial.tlogEntries = tlogEntryList;
    28. 

  28.         bundle.verificationMaterial.timestampVerificationData = {
    29. 

  29.             rfc3161Timestamps: timestampList,
    30. 

  30.         };
    31. 

  31.         return bundle;
    32. 

  32.     }
    33. 

  33.     // Override this function to apply any pre-signing transformations to the
    34. 

  34.     // artifact. The returned buffer will be signed by the signer. The default
    35. 

  35.     // implementation simply returns the artifact data.
    36. 

  36.     async prepare(artifact) {
    37. 

  37.         return artifact.data;
    38. 

  38.     }
    39. 

  39. }
    40. 

  40. exports.BaseBundleBuilder = BaseBundleBuilder;
    41. 

  41. // Extracts the public key from a KeyMaterial. Returns either the public key
    42. 

  42. // or the certificate, depending on the type of key material.
    43. 

  43. function publicKey(key) {
    44. 

  44.     switch (key.$case) {
    45. 

  45.         case 'publicKey':
    46. 

  46.             return key.publicKey;
    47. 

  47.         case 'x509Certificate':
    48. 

  48.             return key.certificate;
    49. 

  49.     }
    50. 

  50. }
    51.