From 79fd506d30eef3d113f4a8e3ab9ebd9004f1e8cc Mon Sep 17 00:00:00 2001 From: João Augusto Costa Branco Marado Torres Date: Sat, 28 Jun 2025 18:14:22 -0300 Subject: feat: index page MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: João Augusto Costa Branco Marado Torres
---
src/lib/pgp/sign.ts | 1 + src/lib/pgp/trust.ts | 5 +++-- src/lib/pgp/user.ts | 33 +++++++++++++++++++++++++++++++++ src/lib/pgp/verify.ts | 39 +++++---------------------------------- 4 files changed, 42 insertions(+), 36 deletions(-) create mode 100644 src/lib/pgp/user.ts (limited to 'src/lib/pgp')
diff --git a/src/lib/pgp/sign.ts b/src/lib/pgp/sign.ts
index 5f7f5a8..6d1e78c 100644
--- a/src/lib/pgp/sign.ts
+++ b/src/lib/pgp/sign.ts
@@ -26,6 +26,7 @@ export class Signature {
 getPackets(key?: MaybeIterable): Packet[] {
 key ??= this.signingKeyIDs;
+ // deno-lint-ignore no-undef
 const iterator = Iterator.from(surelyIterable(key));
 return iterator.map((key) => this.#packets.get(key.bytes)).filter(defined)
 .flatMap(identity).toArray();
diff --git a/src/lib/pgp/trust.ts b/src/lib/pgp/trust.ts
index cf022b4..34d454b 100644
--- a/src/lib/pgp/trust.ts
+++ b/src/lib/pgp/trust.ts
@@ -1,19 +1,20 @@
 import type { Key } from "npm:openpgp@^6.1.1";
-import { TRUSTED_KEYS_DIR } from "../../consts.ts";
 import { createKeysFromDir } from "./create.ts";
 import type { AsyncYieldType } from "../../utils/iterator.ts";
 import { equal, getCall } from "../../utils/anonymous.ts";
+import { env } from "../env.ts";
 let trusted:
 | Iterable>>
 | undefined = undefined;
 const fingerprints = () =>
+ // deno-lint-ignore no-undef
 Iterator.from(trusted ?? []).map(getCall("getFingerprint"));
 export async function keyTrust(key: Key): Promise {
 if (trusted === undefined) {
- trusted = await Array.fromAsync(createKeysFromDir(TRUSTED_KEYS_DIR));
+ trusted = await Array.fromAsync(createKeysFromDir(env.TRUSTED_KEYS_DIR));
 }
 return fingerprints().some(equal(key.getFingerprint())) ? 255 : 0;
 }
diff --git a/src/lib/pgp/user.ts b/src/lib/pgp/user.ts
new file mode 100644
index 0000000..334fbde
--- /dev/null
+++ b/src/lib/pgp/user.ts
@@ -0,0 +1,33 @@
+import { PublicKey, type Subkey, UserIDPacket } from "openpgp";
+import type { Signature } from "./sign.ts";
+import { defined, get } from "../../utils/anonymous.ts";
+
+export function getUserIDsFromKey(
+ signature: Signature | undefined,
+ key: PublicKey | Subkey,
+): UserIDPacket[] {
+ const packet = signature?.getPackets?.()?.[0];
+ const userID = packet?.signersUserID;
+
+ if (userID) {
+ return [UserIDPacket.fromObject(parseUserID(userID))];
+ }
+
+ key = key instanceof PublicKey ? key : key.mainKey;
+ return key.users.map(get("userID")).filter(defined);
+}
+
+function parseUserID(input: string) {
+ const regex = /^(.*?)\s*(?:\((.*?)\))?\s*(?:<(.+?)>)?$/;
+ const match = input.match(regex);
+
+ if (!match) return {};
+
+ const [, name, comment, email] = match;
+
+ return {
+ name: name?.trim() || undefined,
+ comment: comment?.trim() || undefined,
+ email: email?.trim() || undefined,
+ };
+}
diff --git a/src/lib/pgp/verify.ts b/src/lib/pgp/verify.ts
index da2de7f..f37c0bb 100644
--- a/src/lib/pgp/verify.ts
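Review bot: In `keyTrust` (src/lib/pgp/trust.ts) the directory that defines the trust anchors now comes from `env.TRUSTED_KEYS_DIR`, and nothing visible in the hunk checks that the value is set or is the intended directory before every key found under it is given trust 255. `../env.ts` is not part of this diff, so it may already validate the value; if it does not, a guard before the load, `if (!env.TRUSTED_KEYS_DIR) throw new Error("TRUSTED_KEYS_DIR is not configured");`, would make a misconfiguration fail loudly instead of silently changing which keys are trusted. The same value feeds `SignatureVerifier.instance()` in src/lib/pgp/verify.ts, so the check belongs wherever both can share it. A short comment on `keyTrust` stating that 255 means the fingerprint matches a key loaded from that directory and 0 means anything else would also help the next reader.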
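Review bot: `getUserIDsFromKey` in the new src/lib/pgp/user.ts returns the identity parsed from `signersUserID` whenever the signature carries one, without checking that the key actually has that user ID, so the name and e-mail reported for a signature are whatever the signer wrote into it. A safer order is to collect the key's own user IDs first and accept the signer's claim only when it equals one of them; note this only checks presence on the key, not that the user ID's self-certification verifies. That shape also removes the need for `parseUserID`, whose `{}` result for input the regex rejects is currently passed straight to `UserIDPacket.fromObject`. Both functions are complete within this hunk.

```typescript
export function getUserIDsFromKey(
  signature: Signature | undefined,
  key: PublicKey | Subkey,
): UserIDPacket[] {
  const primary = key instanceof PublicKey ? key : key.mainKey;
  const bound = primary.users.map(get("userID")).filter(defined);
  const claimed = signature?.getPackets?.()?.[0]?.signersUserID;

  if (!claimed) return bound;

  // Accept the signer's claim only when the key itself carries that user ID.
  const matching = bound.filter((packet) => packet.userID === claimed);
  return matching.length > 0 ? matching : bound;
}
```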
+++ b/src/lib/pgp/verify.ts
@@ -3,7 +3,7 @@ import {
 PublicKey,
 readSignature,
 type Subkey,
- UserIDPacket,
+ type UserIDPacket,
 verify,
 } from "openpgp";
 import {
@@ -18,11 +18,12 @@ import {
 type KeyFileFormat,
 } from "./create.ts";
 import { getLastCommitForOneOfFiles } from "../git/log.ts";
-import { defined, get, instanciate } from "../../utils/anonymous.ts";
+import { get, instanciate } from "../../utils/anonymous.ts";
 import { Packet, Signature } from "./sign.ts";
 import type { Commit } from "../git/types.ts";
-import { TRUSTED_KEYS_DIR } from "../../consts.ts";
 import { findMapAsync, type MaybeIterable } from "../../utils/iterator.ts";
+import { getUserIDsFromKey } from "./user.ts";
+import { env } from "../env.ts";
 type DataURL = [URL, URL?];
 type Corrupted = [false] | [true, Error];
@@ -251,7 +252,7 @@ export class SignatureVerifier {
 public static async instance(): Promise {
 if (!SignatureVerifier.#instance) {
 SignatureVerifier.#instance = new SignatureVerifier();
- await SignatureVerifier.#instance.addKeysFromDir(TRUSTED_KEYS_DIR);
+ await SignatureVerifier.#instance.addKeysFromDir(env.TRUSTED_KEYS_DIR);
 }
 return SignatureVerifier.#instance;
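Review bot: In `SignatureVerifier.instance()` the new verifier is stored in `#instance` before `addKeysFromDir(env.TRUSTED_KEYS_DIR)` has finished, so a second caller arriving during that await passes the `if` and gets a verifier with no trusted keys loaded yet. Building it in a local first closes the window: `const created = new SignatureVerifier();`, `await created.addKeysFromDir(env.TRUSTED_KEYS_DIR);`, `SignatureVerifier.#instance = created;`. The exported `verifier` promise probably hides this for callers that only await it, but `instance()` is public and can be called directly. The method's closing brace lies outside the hunk.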
@@ -270,36 +271,6 @@ export class SignatureVerifier {
 export const verifier = SignatureVerifier.instance();
-function getUserIDsFromKey(
- signature: Signature,
- key: PublicKey | Subkey,
-): UserIDPacket[] {
- const packet = signature.getPackets()[0];
- const userID = packet.signersUserID;
-
- if (userID) {
- return [UserIDPacket.fromObject(parseUserID(userID))];
- }
-
- key = key instanceof PublicKey ? key : key.mainKey;
- return key.users.map(get("userID")).filter(defined);
-}
-
-function parseUserID(input: string) {
- const regex = /^(.*?)\s*(?:\((.*?)\))?\s*(?:<(.+?)>)?$/;
- const match = input.match(regex);
-
- if (!match) return {};
-
- const [, name, comment, email] = match;
-
- return {
- name: name?.trim() || undefined,
- comment: comment?.trim() || undefined,
- email: email?.trim() || undefined,
- };
-}
-
 async function isSignatureCorrupted(
 verified: Awaited<
 ReturnType
--
cgit v1.2.3