From 46e43f4bde4a35785b4997b81e86cd19f046b69b Mon Sep 17 00:00:00 2001 From: Minteck Date: Tue, 21 Dec 2021 16:52:28 +0100 Subject: Commit --- src/trust.js | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100644 src/trust.js (limited to 'src/trust.js') diff --git a/src/trust.js b/src/trust.js new file mode 100644 index 0000000..0271396 --- /dev/null +++ b/src/trust.js @@ -0,0 +1,91 @@ +/*!!obdef!!*/_ob=false;/*!!obdef!!*/ +const fs = require('fs'); +const md = require('./tpm/spark-md5'); +const chalk = require('./tpm/chalk'); + +const encrypt = (text) => { + + return new Buffer.from(text).toString("hex"); +}; + +const decrypt = (hash) => { + + return new Buffer.from(hash, "hex").toString("utf-8"); +}; + +module.exports = { + check: (file, luf) => { + try { + if (fs.existsSync(file)) { + content = fs.readFileSync(file); + hash = md.hash(content.toString()); + if (fs.existsSync("./keys.bin")) { + keys = JSON.parse(new Buffer.from(decrypt(fs.readFileSync("./keys.bin").toString()), "base64").toString("utf-8")); + if (hash === keys[file].key) { + console.log(chalk.green("File " + file + " has valid certificate: \n Certificate ID: " + keys[file].id + "\n Certificate Issuer: " + keys[file].issuer)); + } else { + if (typeof keys[file] == "undefined") { + console.log(chalk.red("File " + file + " not in certificate database")); + process.exit(2); + } else { + console.log(chalk.red("File " + file + " has invalid signature: " + hash)); + process.exit(2); + } + } + } else { + console.log(chalk.yellow("No certificate database found, will skip check")); + } + } else { + if (!luf) { + throw new Error("File not found"); + } else { + console.log(chalk.red("File not found: " + file)); + } + } + } catch (e) { + console.log(chalk.redBright("Unable to check certificate for file " + file + ": error -1. Developers: did you added this file to the build tree instead of the source tree?")); + if (!_ob) { console.error(e) }; + process.exit(2); + } + }, + add: (file, name, displayname) => { + try { + if (typeof displayname != "undefined") { + dn = displayname; + } else { + dn = file; + } + if (fs.existsSync(file)) { + content = fs.readFileSync(file); + hash = md.hash(content.toString()); + if (fs.existsSync("./keys.bin")) { + keys = JSON.parse(new Buffer.from(decrypt(fs.readFileSync("./keys.bin").toString()), "base64").toString("utf-8")); + } else { + keys = {}; + } + if (typeof keys[dn] != "undefined") { + if (keys[dn].issuer !== name) { + console.log(chalk.red("File " + file + " was signed using a different issuer name (" + keys[file].issuer + "), cannot overwrite")); + process.exit(2); + } + } + keys[dn] = {}; + keys[dn].key = hash; + keys[dn].issuer = name; + keys[dn].id = Math.round(Math.random() * 100000); + fs.writeFileSync("./keys.bin", encrypt(new Buffer.from(JSON.stringify(keys)).toString("base64"))); + if (typeof displayname != "undefined") { + console.log(chalk.green("Added " + file + " (shown as " + displayname + ") to certificates database, signed using " + name)); + } else { + console.log(chalk.green("Added " + file + " to certificates database, signed using " + name)); + } + } else { + throw new Error("File not found"); + } + } catch (e) { + console.log(chalk.redBright("Unable to add certificate to database: error -1")); + if (!_ob) { console.error(e) }; + process.exit(2); + } + } +} \ No newline at end of file -- cgit