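/**
 * Default EC (secp256r1) file signing and verification helpers.
 *
 * Runs on a JVM-hosted script engine: it uses java.io.File, the `Packages`
 * bridge and the host-provided `$$` / `__` helper objects.
 *
 * Security notes for maintainers:
 *  - The signing key is embedded in this file as a PGP-encrypted message, and
 *    the matching public key is embedded in the clear. A valid signature
 *    therefore only shows that the file was signed by someone able to decrypt
 *    that message (or read the cleartext cache described below).
 *  - After the first successful decryption the private key is cached in
 *    cleartext under ~/.jssp/config/. From then on, file permissions on that
 *    path are the only protection for the signing key.
 *  - The `length` and `lastModified` fields in a signature file are not covered
 *    by the signature; only the file content (v1) or its SHA-256 digest (v2) is.
 */
var gpg = require('component-gpg-ex.js');

var File = java.io.File;
var ECSignatureTool = Packages.me.hatter.tools.commons.security.sign.SignatureTool;

// Suffix appended to a file name to get the name of its detached signature file.
var DEFAULT_SIGN_FILE_EXT = '.sig.txt';
// Not referenced in this file; presumably the PGP key the message below is
// encrypted to -- confirm before relying on it.
var DEFAULT_PGP_KEY_ID = '6FAFC0E0170985AA71545483C794B1646A886CD6';
// PGP-encrypted, base64-encoded EC private key (decrypted via gpg on first use).
var DEFAULT_EC_PRIVATE_KEY_PGP_ENC = '-----BEGIN PGP MESSAGE-----\n'
    + 'Comment: GPGTools - https://gpgtools.org\n'
    + '\n'
    + 'hQIMA8N6kJ6vG/sAAQ//ef8seBe4daxW1tQg12G6tE2VhA1Y0W/Y3GKCtAxM8PwC\n'
    + 'j/VjanTqozVwVQp7Qb3hHoBkEJBAEjrNtIhUE7dJBSbrGkK5i8mkQpkc8MFgtx1A\n'
    + 'LVkhdNkTWenk07l6d56v0+iVjlWJsl9wlpP9eY3GkqkWydCXPEn0rICrB3mBf2BA\n'
    + 'SRPqucnzSpIjH+KXhUcyVFjU86ZHyzoRP5RwG2MVVSWhwt7Oyd9A6p1hAKHKIjwH\n'
    + 'K1W4PhxwrjnelcVWC2uwSLWXqgdXQ0EZXMzH5fv3R2EdZopyaC7AF6/jtauEs5RO\n'
    + 'X4l64jjfajqswSZKW0fGKqJgPVzb3p2fBGBeBFx2sYGU/Xk7QTQlfKOvADzLdEIE\n'
    + 'hw/i1Huo/xSg4CYiyjlVw82x6cA10UP2d7KRA21NPqWQUKv9p6aWpjkXoM1UE+5D\n'
    + 'TdyHSnT0Fu+VaBsGZ+3/x+oRlM6PHjk22n8CUEsZecYzGnyXyAEJuCaYOVtfSMTW\n'
    + 'gdy13gJInaxMawHHyRVFqJClZsXc4LEsSsY4fdTus6mEkD+S5S2gkoFffB6uLWYL\n'
    + 'pq59IIJ+tp2Y3wxCqUXhu0PYer5No7lU/A53+dtcj7xQYLoOUlB/DkHWfmqAsJi7\n'
    + 'Zt+SXoy0ksCtXciBZRhuJESbISALjKqOfQIV/8J9GrN/zQl/dzEmrfgqE00hY1bS\n'
    + 'kQFX26y+2iY7k2xoLg+fNB6LNKmtM4U6115CL+rcX3p02P1f4E6O4gGEg9l/3fe2\n'
    + 'rz7+2a3WK/MNE1Ak7ImFf6ufU3PHUCQqyEqk7wGeNmRRG3SPJUyBQbpa6I+4xTZ8\n'
    + 'R6RqgeigqUMDFyyIwYULEwP+dqnHfRBeckh3MKGfrHQUmgrGDOYawxb1G+h2iaVC\n'
    + 'VtA=\n'
    + '=QCYC\n'
    + '-----END PGP MESSAGE-----';
// Base64-encoded public key used by the verify helpers.
var DEFAULT_EC_PUBLIC_KEY = 'MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESZWG1x7tlv02YF+UZzuZdLquR6Oi3H7QRmaRWzDoupG66dWeKruRUQVj2ozliDKaRQ+5b91u/z9BApIaFs6quw==';

/**
 * Generates a fresh secp256r1 key pair.
 *
 * @returns {{privKey: *, pubKey: *}} the encoded private and public key as
 *   returned by the signature tool's encodePriKey() / encodePubKey().
 */
var generateECsecp256r1KeyPair = () => {
    var ecSignTool = ECSignatureTool.secp256r1();
    ecSignTool.generateKeyPair();
    return {
        'privKey': ecSignTool.encodePriKey(),
        'pubKey': ecSignTool.encodePubKey()
    };
};

/**
 * Best-effort restriction of a file to owner read/write only.
 *
 * Assumes `file` is a java.io.File (the callers already use java.io.File
 * methods on it). On platforms without POSIX-style permissions these calls
 * may have no effect; their boolean results are deliberately ignored.
 */
var __restrictToOwner = (file) => {
    // Drop every permission for everybody first, then grant back to the owner.
    file.setReadable(false, false);
    file.setWritable(false, false);
    file.setExecutable(false, false);
    file.setReadable(true, true);
    file.setWritable(true, true);
};

/**
 * Resolves `file` and checks that it is something the sign/verify helpers
 * act on: an existing regular file that is not itself a signature file.
 *
 * @returns the resolved file, or null when the helpers should skip it.
 */
var __resolveSignableFile = (file) => {
    var resolved = $$.file(file);
    if (resolved.getName().endsWith(DEFAULT_SIGN_FILE_EXT) || !(resolved.exists()) || !(resolved.isFile())) {
        return null;
    }
    return resolved;
};

/**
 * Returns the detached signature file for `file`: same directory, same name
 * plus DEFAULT_SIGN_FILE_EXT.
 */
var __signatureFileFor = (file) => {
    return $$.file(file.getAbsoluteFile().getParentFile(), file.getName() + DEFAULT_SIGN_FILE_EXT);
};

// In-process memo of the decoded private key bytes.
var __defaultEcPrivateKeyBytes = null;

/**
 * Returns the default EC private key bytes.
 *
 * Lookup order: in-process memo, then the cleartext cache file
 * ~/.jssp/config/.defaultecprivatekey.json, then PGP decryption of the
 * embedded message via gpg (which then creates the cache file).
 *
 * The cache file holds the private key base64-encoded and unencrypted. When
 * this function creates it, the file is restricted to the owner before the
 * key is written. A cache file that already exists keeps whatever permissions
 * it has; this function does not change them.
 */
var getDefaultEcPrivateKeyBytes = () => {
    if (__defaultEcPrivateKeyBytes != null) {
        return __defaultEcPrivateKeyBytes;
    }
    var keyCacheFile = $$.file('~/.jssp/config/.defaultecprivatekey.json');
    if (keyCacheFile.exists()) {
        // Memoize here too, so the key file is read from disk once per process.
        __defaultEcPrivateKeyBytes = __.bytes.fromBase64(JSON.parse($$.rFile(keyCacheFile).string()).base64Key);
        return __defaultEcPrivateKeyBytes;
    }
    // gpg.decrypt takes a path, so the embedded ciphertext goes through a temp file.
    var tempPrivKeyFile = File.createTempFile('component-pki', '.temp_key');
    $$.rFile(tempPrivKeyFile).write(DEFAULT_EC_PRIVATE_KEY_PGP_ENC);
    tempPrivKeyFile.deleteOnExit();
    var privKey = gpg.decrypt(tempPrivKeyFile.getAbsolutePath());
    __defaultEcPrivateKeyBytes = __.bytes.fromBase64(privKey.trim());
    keyCacheFile.getParentFile().mkdirs();
    // Create the file empty and lock it down before any key material is
    // written, so the cleartext key never sits in a file with default permissions.
    keyCacheFile.createNewFile();
    __restrictToOwner(keyCacheFile);
    $$.rFile(keyCacheFile).write(JSON.stringify({
        'date': $$.date().fmt('yyyy-MM-dd HH:mm:ss Z').format($$.date().today()),
        'base64Key': __defaultEcPrivateKeyBytes.asBase64()
    }));
    return __defaultEcPrivateKeyBytes;
};

/** Returns the embedded default EC public key, base64-decoded. */
var getDefaultEcPublicKeyBytes = () => {
    return __.bytes.fromBase64(DEFAULT_EC_PUBLIC_KEY);
};

/** Returns a SHA256-with-ECDSA signer initialised with the default private key. */
var getDefaultEcSignSignature = () => {
    return ECSignatureTool.secp256r1().decodePriKey(getDefaultEcPrivateKeyBytes()).signSHA256ECDSA();
};

/** Returns a SHA256-with-ECDSA verifier initialised with the default public key. */
var getDefaultEcVerifySignature = () => {
    return ECSignatureTool.secp256r1().decodePubKey(getDefaultEcPublicKeyBytes()).verifySHA256ECDSA();
};

/**
 * Signs `file` (format v1: signature over the file content) and writes
 * `<name>.sig.txt` next to it.
 *
 * @returns {boolean} false when `file` is a signature file, does not exist or
 *   is not a regular file; true once the signature file has been written.
 */
var defaultSignFile = (file) => {
    file = __resolveSignableFile(file);
    if (file == null) {
        return false;
    }
    var sigHex = $$.rFile(file).sign(getDefaultEcSignSignature()).asHex();
    // length / lastModified are stored as unsigned metadata for the quick check.
    $$.rFile(__signatureFileFor(file)).write(JSON.stringify({
        'length': $$.str(file.length()),
        'lastModified': $$.str(file.lastModified()),
        'signature': sigHex
    }));
    return true;
};

/**
 * Signs `file` (format v2: signature over the file's SHA-256 digest bytes) and
 * writes `<name>.sig.txt` next to it, including the hex digest.
 *
 * @returns {boolean} false when `file` is a signature file, does not exist or
 *   is not a regular file; true once the signature file has been written.
 */
var defaultSignFileV2 = (file) => {
    file = __resolveSignableFile(file);
    if (file == null) {
        return false;
    }
    var sha256 = $$.rFile(file).digest(__.digests.sha256()).asHex();
    var sigHex = __.bytes.fromHex(sha256).sign(getDefaultEcSignSignature()).asHex();
    $$.rFile(__signatureFileFor(file)).write(JSON.stringify({
        'version': 2,
        'length': $$.str(file.length()),
        'lastModified': $$.str(file.lastModified()),
        'SHA256': sha256,
        'signature': sigHex
    }));
    return true;
};

/**
 * Cheap "has this file changed since it was signed?" check.
 *
 * Compares the file's current length and lastModified with the values
 * recorded in its signature file. No signature is verified, and those two
 * fields are not covered by the signature, so anyone able to write the file
 * or its signature file can make this return true. Use defaultVerifyFile for
 * any integrity or trust decision.
 *
 * @returns {?boolean} null when `file` is not signable or has no signature
 *   file; otherwise whether both recorded values match.
 */
var defaultQuickVerifyFile = (file) => {
    file = __resolveSignableFile(file);
    if (file == null) {
        return null;
    }
    var signFile = __signatureFileFor(file);
    if (!(signFile.exists())) {
        return null;
    }
    var signatureJSON = JSON.parse($$.rFile(signFile).string().trim());
    return $$.strEquals(file.length(), signatureJSON.length)
        && $$.strEquals(file.lastModified(), signatureJSON.lastModified);
};

/**
 * Verifies `file` against its detached signature using the default public key.
 *
 * A signature file with a truthy `version` is treated as v2: the file's
 * SHA-256 is recomputed, compared with the recorded hex digest, and the
 * signature is verified over the recomputed digest. Otherwise (v1) the
 * signature is verified over the file content.
 *
 * @returns {?boolean} null when `file` is not signable or has no signature
 *   file; otherwise the verification result. Callers must treat null as
 *   "not verified", not as success.
 */
var defaultVerifyFile = (file) => {
    file = __resolveSignableFile(file);
    if (file == null) {
        return null;
    }
    var signFile = __signatureFileFor(file);
    if (!(signFile.exists())) {
        return null;
    }
    var signatureJSON = JSON.parse($$.rFile(signFile).string().trim());
    var signatureBytes = __.bytes.fromHex(signatureJSON.signature);
    if (signatureJSON.version) {
        var sha256 = $$.rFile(file).digest(__.digests.sha256());
        return $$.strEquals(sha256.asHex(), signatureJSON.SHA256)
            && sha256.verify(getDefaultEcVerifySignature(), signatureBytes);
    }
    return $$.rFile(file).verify(getDefaultEcVerifySignature(), signatureBytes);
};

if (typeof exports === 'object') {
    exports.generateECsecp256r1KeyPair = generateECsecp256r1KeyPair;
    exports.getDefaultEcPrivateKeyBytes = getDefaultEcPrivateKeyBytes;
    exports.getDefaultEcPublicKeyBytes = getDefaultEcPublicKeyBytes;
    exports.getDefaultEcSignSignature = getDefaultEcSignSignature;
    exports.getDefaultEcVerifySignature = getDefaultEcVerifySignature;
    exports.defaultSignFile = defaultSignFile;
    exports.defaultVerifyFile = defaultVerifyFile;
    exports.defaultSignFileV2 = defaultSignFileV2;
    exports.defaultQuickVerifyFile = defaultQuickVerifyFile;
}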