UNPKG

@atomist/sdm

Version:

Atomist Software Delivery Machine SDK

github.com/atomist/sdm

atomist/sdm

130 lines (107 loc) 3.29 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
/* * Copyright © 2019 Atomist, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ import { SdmGoalEvent } from "../goal/SdmGoalEvent"; import { SdmGoalMessage } from "../goal/SdmGoalMessage"; export interface VerificationKey<T> { name: string; publicKey: T; algorithm?: string; } /** * Private/public key pair to use for SDM goal signing and verification */ export interface SigningKey<T> extends VerificationKey<T> { privateKey: T; passphrase?: string; } /** * Defines the scope of which goes get signed and validated */ export enum GoalSigningScope { /** * Only verify incoming goals for fulfillment */ Fulfillment = "fulfillment", /** * Verify each incoming goal into any of the SDM event handlers */ All = "all", } /** * Strategy for implementing different signature algorithms */ export interface GoalSigningAlgorithm<T> { /** * Return the name of this algorithm */ name: string; /** * Sign the provided goal with the given key */ sign(goal: SdmGoalMessage, key: SigningKey<T>): Promise<string>; /** * Verify the provided goal against the signature */ verify(goal: SdmGoalEvent, signature: string, key: VerificationKey<T>): Promise<SdmGoalEvent>; } export interface GoalSigningConfiguration { /** * Enable goal signature verification on this SDM. */ enabled: boolean; /** * Scope for goal signing: * * Fulfillment: only verify goals before fulfillment * All: verify goals during all phases of a goal set execution */ scope: GoalSigningScope; /** * Public/Private key pair to use for goal signing. * The public key will also be used to verify incoming goals. */ signingKey?: SigningKey<any>; /** * Public keys to verify incoming goals */ verificationKeys?: VerificationKey<any> | Array<VerificationKey<any>>; /** * Algorithms to use for signing and verification * * Default RSA-SHA512 algorithm will always be available */ algorithms?: GoalSigningAlgorithm<any> | Array<GoalSigningAlgorithm<any>>; } export interface EventSigningConfiguration { /** * Enable event signature verification on this SDM. */ enabled: boolean; /** * Regular expressions matching subscription and mutation names * to identify events that should be verified. */ events: string[]; /** * Public/Private key pair to use for event signing. * The public key will also be used to verify incoming events. */ signingKey?: SigningKey<any>; /** * Public keys to verify incoming events */ verificationKeys?: VerificationKey<any> | Array<VerificationKey<any>>; }