• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1"use strict";
2Object.defineProperty(exports, "__esModule", { value: true });
3exports.BaseBundleBuilder = void 0;
4// BaseBundleBuilder is a base class for BundleBuilder implementations. It
5// provides a the basic wokflow for signing and witnessing an artifact.
6// Subclasses must implement the `package` method to assemble a valid bundle
7// with the generated signature and verification material.
8class BaseBundleBuilder {
9    constructor(options) {
10        this.signer = options.signer;
11        this.witnesses = options.witnesses;
12    }
13    // Executes the signing/witnessing process for the given artifact.
14    async create(artifact) {
15        const signature = await this.prepare(artifact).then((blob) => this.signer.sign(blob));
16        const bundle = await this.package(artifact, signature);
17        // Invoke all of the witnesses in parallel
18        const verificationMaterials = await Promise.all(this.witnesses.map((witness) => witness.testify(bundle.content, publicKey(signature.key))));
19        // Collect the verification material from all of the witnesses
20        const tlogEntryList = [];
21        const timestampList = [];
22        verificationMaterials.forEach(({ tlogEntries, rfc3161Timestamps }) => {
23            tlogEntryList.push(...(tlogEntries ?? []));
24            timestampList.push(...(rfc3161Timestamps ?? []));
25        });
26        // Merge the collected verification material into the bundle
27        bundle.verificationMaterial.tlogEntries = tlogEntryList;
28        bundle.verificationMaterial.timestampVerificationData = {
29            rfc3161Timestamps: timestampList,
30        };
31        return bundle;
32    }
33    // Override this function to apply any pre-signing transformations to the
34    // artifact. The returned buffer will be signed by the signer. The default
35    // implementation simply returns the artifact data.
36    async prepare(artifact) {
37        return artifact.data;
38    }
39}
40exports.BaseBundleBuilder = BaseBundleBuilder;
41// Extracts the public key from a KeyMaterial. Returns either the public key
42// or the certificate, depending on the type of key material.
43function publicKey(key) {
44    switch (key.$case) {
45        case 'publicKey':
46            return key.publicKey;
47        case 'x509Certificate':
48            return key.certificate;
49    }
50}
51