cli: signed-integrity cli implementation started (ref. #66)

2022-12-10 22:02:18 +00:00 · 2022-12-10 22:02:18 +00:00 · 8406d4bc59
commit 8406d4bc59
--- a/plugins/signed-integrity/cli.js
+++ b/plugins/signed-integrity/cli.js
@ -0,0 +1,49 @@
+/* ========================================================================= *\
+|* === Signed Integrity: content integrity using signed integrity data   === *|
+\* ========================================================================= */
+
+/**
+ * signed-integrity plugin's deploy/utility functions
+ * 
+ * this code expects a Deno runtime:
+ * https://deno.land/
+ */
+
+
+/**
+ * generate an ECDSA P-384 keypair and export it as a JWK
+ * https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#json_web_key
+ */
+let genKeypair = async () => {
+    let keypair = await crypto.subtle.generateKey({
+                        name: "ECDSA",
+                        namedCurve: "P-384"
+                    },
+                    true,
+                    ["sign", "verify"]
+                );
+    let exported_keypair = {
+        publicKey: await crypto.subtle.exportKey("jwk", keypair.publicKey),
+        privateKey: await crypto.subtle.exportKey("jwk", keypair.privateKey)
+    }
+    return JSON.stringify(exported_keypair)
+}
+
+
+// this never changes
+const pluginName = "signed-integrity"
+const pluginDescription = "Fetching signed integrity data and using it to verify content.\nCLI used to generate subresource integrity tokens and save them in integrity files."
+const pluginVersion = 'COMMIT_UNKNOWN'
+const pluginActions = {
+    "gen-keypair": {
+        run: genKeypair,
+        description: "generate a keypair and export it as a JSON Web Key"
+    }
+}
+
+export {
+    pluginName as name,
+    pluginDescription as description,
+    pluginVersion as version,
+    pluginActions as actions
+}