Inicio Explorar Axuda
Rexistro Iniciar sesión
hjw
/
myapp
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Rama: master
Ramas Etiquetas
myapp
/
node_modules
/
@sigstore
/
verify
/
dist
/
timestamp
/
checkpoint.js

checkpoint.js 6.8 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157 
  1. "use strict";
    2. 

  2. Object.defineProperty(exports, "__esModule", { value: true });
    3. 

  3. exports.verifyCheckpoint = verifyCheckpoint;
    4. 

  4. /*
    5. 

  5. Copyright 2023 The Sigstore Authors.
    6. 

  6. 

  7. Licensed under the Apache License, Version 2.0 (the "License");
    8. 

  8. you may not use this file except in compliance with the License.
    9. 

  9. You may obtain a copy of the License at
    10. 

  10. 

  11.     http://www.apache.org/licenses/LICENSE-2.0
    12. 

  12. 

  13. Unless required by applicable law or agreed to in writing, software
    14. 

  14. distributed under the License is distributed on an "AS IS" BASIS,
    15. 

  15. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    16. 

  16. See the License for the specific language governing permissions and
    17. 

  17. limitations under the License.
    18. 

  18. */
    19. 

  19. const core_1 = require("@sigstore/core");
    20. 

  20. const error_1 = require("../error");
    21. 

  21. const trust_1 = require("../trust");
    22. 

  22. // Separator between the note and the signatures in a checkpoint
    23. 

  23. const CHECKPOINT_SEPARATOR = '\n\n';
    24. 

  24. // Checkpoint signatures are of the following form:
    25. 

  25. // "– <identity> <key_hint+signature_bytes>\n"
    26. 

  26. // where:
    27. 

  27. // - the prefix is an emdash (U+2014).
    28. 

  28. // - <identity> gives a human-readable representation of the signing ID.
    29. 

  29. // - <key_hint+signature_bytes> is the first 4 bytes of the SHA256 hash of the
    30. 

  30. //   associated public key followed by the signature bytes.
    31. 

  31. const SIGNATURE_REGEX = /\u2014 (\S+) (\S+)\n/g;
    32. 

  32. // Verifies the checkpoint value in the given tlog entry. There are two steps
    33. 

  33. // to the verification:
    34. 

  34. // 1. Verify that all signatures in the checkpoint can be verified against a
    35. 

  35. //    trusted public key
    36. 

  36. // 2. Verify that the root hash in the checkpoint matches the root hash in the
    37. 

  37. //    inclusion proof
    38. 

  38. // See: https://github.com/transparency-dev/formats/blob/main/log/README.md
    39. 

  39. function verifyCheckpoint(entry, tlogs) {
    40. 

  40.     // Filter tlog instances to just those which were valid at the time of the
    41. 

  41.     // entry
    42. 

  42.     const validTLogs = (0, trust_1.filterTLogAuthorities)(tlogs, {
    43. 

  43.         targetDate: new Date(Number(entry.integratedTime) * 1000),
    44. 

  44.     });
    45. 

  45.     const inclusionProof = entry.inclusionProof;
    46. 

  46.     const signedNote = SignedNote.fromString(inclusionProof.checkpoint.envelope);
    47. 

  47.     const checkpoint = LogCheckpoint.fromString(signedNote.note);
    48. 

  48.     // Verify that the signatures in the checkpoint are all valid
    49. 

  49.     if (!verifySignedNote(signedNote, validTLogs)) {
    50. 

  50.         throw new error_1.VerificationError({
    51. 

  51.             code: 'TLOG_INCLUSION_PROOF_ERROR',
    52. 

  52.             message: 'invalid checkpoint signature',
    53. 

  53.         });
    54. 

  54.     }
    55. 

  55.     // Verify that the root hash from the checkpoint matches the root hash in the
    56. 

  56.     // inclusion proof
    57. 

  57.     if (!core_1.crypto.bufferEqual(checkpoint.logHash, inclusionProof.rootHash)) {
    58. 

  58.         throw new error_1.VerificationError({
    59. 

  59.             code: 'TLOG_INCLUSION_PROOF_ERROR',
    60. 

  60.             message: 'root hash mismatch',
    61. 

  61.         });
    62. 

  62.     }
    63. 

  63. }
    64. 

  64. // Verifies the signatures in the SignedNote. For each signature, the
    65. 

  65. // corresponding transparency log is looked up by the key hint and the
    66. 

  66. // signature is verified against the public key in the transparency log.
    67. 

  67. // Throws an error if any of the signatures are invalid.
    68. 

  68. function verifySignedNote(signedNote, tlogs) {
    69. 

  69.     const data = Buffer.from(signedNote.note, 'utf-8');
    70. 

  70.     return signedNote.signatures.every((signature) => {
    71. 

  71.         // Find the transparency log instance with the matching key hint
    72. 

  72.         const tlog = tlogs.find((tlog) => core_1.crypto.bufferEqual(tlog.logID.subarray(0, 4), signature.keyHint));
    73. 

  73.         if (!tlog) {
    74. 

  74.             return false;
    75. 

  75.         }
    76. 

  76.         return core_1.crypto.verify(data, tlog.publicKey, signature.signature);
    77. 

  77.     });
    78. 

  78. }
    79. 

  79. // SignedNote represents a signed note from a transparency log checkpoint. Consists
    80. 

  80. // of a body (or note) and one more signatures calculated over the body. See
    81. 

  81. // https://github.com/transparency-dev/formats/blob/main/log/README.md#signed-envelope
    82. 

  82. class SignedNote {
    83. 

  83.     constructor(note, signatures) {
    84. 

  84.         this.note = note;
    85. 

  85.         this.signatures = signatures;
    86. 

  86.     }
    87. 

  87.     // Deserialize a SignedNote from a string
    88. 

  88.     static fromString(envelope) {
    89. 

  89.         if (!envelope.includes(CHECKPOINT_SEPARATOR)) {
    90. 

  90.             throw new error_1.VerificationError({
    91. 

  91.                 code: 'TLOG_INCLUSION_PROOF_ERROR',
    92. 

  92.                 message: 'missing checkpoint separator',
    93. 

  93.             });
    94. 

  94.         }
    95. 

  95.         // Split the note into the header and the data portions at the separator
    96. 

  96.         const split = envelope.indexOf(CHECKPOINT_SEPARATOR);
    97. 

  97.         const header = envelope.slice(0, split + 1);
    98. 

  98.         const data = envelope.slice(split + CHECKPOINT_SEPARATOR.length);
    99. 

  99.         // Find all the signature lines in the data portion
    100. 

  100.         const matches = data.matchAll(SIGNATURE_REGEX);
    101. 

  101.         // Parse each of the matched signature lines into the name and signature.
    102. 

  102.         // The first four bytes of the signature are the key hint (should match the
    103. 

  103.         // first four bytes of the log ID), and the rest is the signature itself.
    104. 

  104.         const signatures = Array.from(matches, (match) => {
    105. 

  105.             const [, name, signature] = match;
    106. 

  106.             const sigBytes = Buffer.from(signature, 'base64');
    107. 

  107.             if (sigBytes.length < 5) {
    108. 

  108.                 throw new error_1.VerificationError({
    109. 

  109.                     code: 'TLOG_INCLUSION_PROOF_ERROR',
    110. 

  110.                     message: 'malformed checkpoint signature',
    111. 

  111.                 });
    112. 

  112.             }
    113. 

  113.             return {
    114. 

  114.                 name,
    115. 

  115.                 keyHint: sigBytes.subarray(0, 4),
    116. 

  116.                 signature: sigBytes.subarray(4),
    117. 

  117.             };
    118. 

  118.         });
    119. 

  119.         if (signatures.length === 0) {
    120. 

  120.             throw new error_1.VerificationError({
    121. 

  121.                 code: 'TLOG_INCLUSION_PROOF_ERROR',
    122. 

  122.                 message: 'no signatures found in checkpoint',
    123. 

  123.             });
    124. 

  124.         }
    125. 

  125.         return new SignedNote(header, signatures);
    126. 

  126.     }
    127. 

  127. }
    128. 

  128. // LogCheckpoint represents a transparency log checkpoint. Consists of the
    129. 

  129. // following:
    130. 

  130. //  - origin: the name of the transparency log
    131. 

  131. //  - logSize: the size of the log at the time of the checkpoint
    132. 

  132. //  - logHash: the root hash of the log at the time of the checkpoint
    133. 

  133. //  - rest: the rest of the checkpoint body, which is a list of log entries
    134. 

  134. // See:
    135. 

  135. // https://github.com/transparency-dev/formats/blob/main/log/README.md#checkpoint-body
    136. 

  136. class LogCheckpoint {
    137. 

  137.     constructor(origin, logSize, logHash, rest) {
    138. 

  138.         this.origin = origin;
    139. 

  139.         this.logSize = logSize;
    140. 

  140.         this.logHash = logHash;
    141. 

  141.         this.rest = rest;
    142. 

  142.     }
    143. 

  143.     static fromString(note) {
    144. 

  144.         const lines = note.trimEnd().split('\n');
    145. 

  145.         if (lines.length < 3) {
    146. 

  146.             throw new error_1.VerificationError({
    147. 

  147.                 code: 'TLOG_INCLUSION_PROOF_ERROR',
    148. 

  148.                 message: 'too few lines in checkpoint header',
    149. 

  149.             });
    150. 

  150.         }
    151. 

  151.         const origin = lines[0];
    152. 

  152.         const logSize = BigInt(lines[1]);
    153. 

  153.         const rootHash = Buffer.from(lines[2], 'base64');
    154. 

  154.         const rest = lines.slice(3);
    155. 

  155.         return new LogCheckpoint(origin, logSize, rootHash, rest);
    156. 

  156.     }
    157. 

  157. }
    158.