UNPKG

@octopusdeploy/step-packages-public-feed-encryption

Version:

A package that facilitates the generation of an encrypted signature for step package public feed. The encryption method follows the convention of [AWS Signature Version 4](https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html).

60 lines 3.13 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
"use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); __setModuleDefault(result, mod); return result; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.createSignature = exports.createHmac = exports.createHash = void 0; const crypto = __importStar(require("crypto")); const createHash = (algorithm, message) => { return crypto.createHash(algorithm).update(message).digest("hex"); }; exports.createHash = createHash; const createHmac = (algorithm, message, secret) => { return crypto.createHmac(algorithm, secret).update(message).digest("hex"); }; exports.createHmac = createHmac; const sortKeyValuePairs = (keyValuePairs) => { return keyValuePairs.sort((a, b) => (a.key > b.key ? 1 : a.key < b.key ? -1 : 0)); }; const keyValuePairToString = (keyValuePair) => { var _a; return `${keyValuePair.key.trim().toLowerCase()}:${(_a = keyValuePair.value) === null || _a === void 0 ? void 0 : _a.trim().replace(/\s+/g, " ")}\n`; }; const createCanonicalRequest = (algorithm, httpMethod, headers, payloads) => { const sortedHeaders = sortKeyValuePairs(headers); const canonicalHeaders = sortedHeaders.map((pair) => keyValuePairToString(pair)).join(); const signedHeader = sortedHeaders.map((pair) => pair.key.trim().toLowerCase()).join(";"); const canonicalPayloads = sortKeyValuePairs(payloads) .map((pair) => keyValuePairToString(pair)) .join(); const payloadHash = (0, exports.createHash)(algorithm, canonicalPayloads); return `${httpMethod}\n${canonicalHeaders}\n${signedHeader}\n${payloadHash}`; }; const createStringToSign = (algorithm, canonicalRequest, requestTimestamp) => { const canonicalRequestHash = (0, exports.createHash)(algorithm, canonicalRequest); return `${algorithm}\n${requestTimestamp}\n${canonicalRequestHash}`; }; const createSignature = (algorithm, secretKey, httpMethod, headers, payloads, requestTimestamp) => { const derivedSecret = (0, exports.createHmac)(algorithm, requestTimestamp, secretKey); const canonicalRequest = createCanonicalRequest(algorithm, httpMethod, headers, payloads); const stringToSign = createStringToSign(algorithm, canonicalRequest, requestTimestamp); return (0, exports.createHmac)(algorithm, stringToSign, derivedSecret); }; exports.createSignature = createSignature; //# sourceMappingURL=encryption.js.map