REDROOM
PHP 8.2.31
Path:
Logout
Edit File
Size: 2.48 KB
Close
/opt/alt/alt-nodejs22/root/lib/node_modules/npm/node_modules/@sigstore/verify/dist/timestamp/tsa.js
Text
Base64
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.verifyRFC3161Timestamp = verifyRFC3161Timestamp; const core_1 = require("@sigstore/core"); const error_1 = require("../error"); const certificate_1 = require("../key/certificate"); const trust_1 = require("../trust"); function verifyRFC3161Timestamp(timestamp, data, timestampAuthorities) { const signingTime = timestamp.signingTime; // Filter for CAs which were valid at the time of signing timestampAuthorities = (0, trust_1.filterCertAuthorities)(timestampAuthorities, signingTime); // Filter for CAs which match serial and issuer embedded in the timestamp timestampAuthorities = filterCAsBySerialAndIssuer(timestampAuthorities, { serialNumber: timestamp.signerSerialNumber, issuer: timestamp.signerIssuer, }); // Check that we can verify the timestamp with AT LEAST ONE of the remaining // CAs const verified = timestampAuthorities.some((ca) => { try { verifyTimestampForCA(timestamp, data, ca); return true; } catch (e) { return false; } }); if (!verified) { throw new error_1.VerificationError({ code: 'TIMESTAMP_ERROR', message: 'timestamp could not be verified', }); } } function verifyTimestampForCA(timestamp, data, ca) { const [leaf, ...cas] = ca.certChain; const signingKey = core_1.crypto.createPublicKey(leaf.publicKey); const signingTime = timestamp.signingTime; // Verify the certificate chain for the provided CA try { new certificate_1.CertificateChainVerifier({ untrustedCert: leaf, trustedCerts: cas, timestamp: signingTime, }).verify(); } catch (e) { throw new error_1.VerificationError({ code: 'TIMESTAMP_ERROR', message: 'invalid certificate chain', }); } // Check that the signing certificate's key can be used to verify the // timestamp signature. timestamp.verify(data, signingKey); } // Filters the list of CAs to those which have a leaf signing certificate which // matches the given serial number and issuer. function filterCAsBySerialAndIssuer(timestampAuthorities, criteria) { return timestampAuthorities.filter((ca) => ca.certChain.length > 0 && core_1.crypto.bufferEqual(ca.certChain[0].serialNumber, criteria.serialNumber) && core_1.crypto.bufferEqual(ca.certChain[0].issuer, criteria.issuer)); }
Save
Close
Exit & Reset
Text mode: syntax highlighting auto-detects file type.
Directory Contents
Dirs: 0 × Files: 5
Delete Selected
Select All
Select None
Sort:
Name
Size
Modified
Enable drag-to-move
Name
Size
Perms
Modified
Actions
checkpoint.js
6.79 KB
lrw-r--r--
2026-05-24 11:43:32
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
index.js
1.62 KB
lrw-r--r--
2026-05-24 11:43:32
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
merkle.js
4.18 KB
lrw-r--r--
2026-05-24 11:43:32
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
set.js
2.52 KB
lrw-r--r--
2026-05-24 11:43:32
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
tsa.js
2.48 KB
lrw-r--r--
2026-05-24 11:43:32
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
Zip Selected
If ZipArchive is unavailable, a
.tar
will be created (no compression).