• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1"use strict";
2var __importDefault = (this && this.__importDefault) || function (mod) {
3    return (mod && mod.__esModule) ? mod : { "default": mod };
4};
5Object.defineProperty(exports, "__esModule", { value: true });
6exports.randomBytes = exports.hash = exports.verifyBlob = exports.signBlob = exports.createPublicKey = exports.generateKeyPair = void 0;
7/*
8Copyright 2022 The Sigstore Authors.
9
10Licensed under the Apache License, Version 2.0 (the "License");
11you may not use this file except in compliance with the License.
12You may obtain a copy of the License at
13
14    http://www.apache.org/licenses/LICENSE-2.0
15
16Unless required by applicable law or agreed to in writing, software
17distributed under the License is distributed on an "AS IS" BASIS,
18WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19See the License for the specific language governing permissions and
20limitations under the License.
21*/
22const crypto_1 = __importDefault(require("crypto"));
23const EC_KEYPAIR_TYPE = 'ec';
24const P256_CURVE = 'P-256';
25const SHA256_ALGORITHM = 'sha256';
26function generateKeyPair() {
27    return crypto_1.default.generateKeyPairSync(EC_KEYPAIR_TYPE, {
28        namedCurve: P256_CURVE,
29    });
30}
31exports.generateKeyPair = generateKeyPair;
32function createPublicKey(key) {
33    if (typeof key === 'string') {
34        return crypto_1.default.createPublicKey(key);
35    }
36    else {
37        return crypto_1.default.createPublicKey({ key, format: 'der', type: 'spki' });
38    }
39}
40exports.createPublicKey = createPublicKey;
41function signBlob(data, privateKey) {
42    return crypto_1.default.sign(null, data, privateKey);
43}
44exports.signBlob = signBlob;
45function verifyBlob(data, key, signature, algorithm) {
46    // The try/catch is to work around an issue in Node 14.x where verify throws
47    // an error in some scenarios if the signature is invalid.
48    try {
49        return crypto_1.default.verify(algorithm, data, key, signature);
50    }
51    catch (e) {
52        return false;
53    }
54}
55exports.verifyBlob = verifyBlob;
56function hash(data) {
57    const hash = crypto_1.default.createHash(SHA256_ALGORITHM);
58    return hash.update(data).digest();
59}
60exports.hash = hash;
61function randomBytes(count) {
62    return crypto_1.default.randomBytes(count);
63}
64exports.randomBytes = randomBytes;
65