403Webshell
Server IP : 66.29.132.122  /  Your IP : 3.142.156.235
Web Server : LiteSpeed
System : Linux business142.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
User : admazpex ( 531)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /proc/self/root/proc/thread-self/root/opt/alt/alt-nodejs20/root/lib/node_modules/npm/node_modules.bundled/@sigstore/verify/dist/timestamp/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /proc/self/root/proc/thread-self/root/opt/alt/alt-nodejs20/root/lib/node_modules/npm/node_modules.bundled/@sigstore/verify/dist/timestamp/tsa.js
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.verifyRFC3161Timestamp = void 0;
const core_1 = require("@sigstore/core");
const error_1 = require("../error");
const certificate_1 = require("../key/certificate");
const trust_1 = require("../trust");
function verifyRFC3161Timestamp(timestamp, data, timestampAuthorities) {
    const signingTime = timestamp.signingTime;
    // Filter for CAs which were valid at the time of signing
    timestampAuthorities = (0, trust_1.filterCertAuthorities)(timestampAuthorities, {
        start: signingTime,
        end: signingTime,
    });
    // Filter for CAs which match serial and issuer embedded in the timestamp
    timestampAuthorities = filterCAsBySerialAndIssuer(timestampAuthorities, {
        serialNumber: timestamp.signerSerialNumber,
        issuer: timestamp.signerIssuer,
    });
    // Check that we can verify the timestamp with AT LEAST ONE of the remaining
    // CAs
    const verified = timestampAuthorities.some((ca) => {
        try {
            verifyTimestampForCA(timestamp, data, ca);
            return true;
        }
        catch (e) {
            return false;
        }
    });
    if (!verified) {
        throw new error_1.VerificationError({
            code: 'TIMESTAMP_ERROR',
            message: 'timestamp could not be verified',
        });
    }
}
exports.verifyRFC3161Timestamp = verifyRFC3161Timestamp;
function verifyTimestampForCA(timestamp, data, ca) {
    const [leaf, ...cas] = ca.certChain;
    const signingKey = core_1.crypto.createPublicKey(leaf.publicKey);
    const signingTime = timestamp.signingTime;
    // Verify the certificate chain for the provided CA
    try {
        new certificate_1.CertificateChainVerifier({
            untrustedCert: leaf,
            trustedCerts: cas,
        }).verify();
    }
    catch (e) {
        throw new error_1.VerificationError({
            code: 'TIMESTAMP_ERROR',
            message: 'invalid certificate chain',
        });
    }
    // Check that all of the CA certs were valid at the time of signing
    const validAtSigningTime = ca.certChain.every((cert) => cert.validForDate(signingTime));
    if (!validAtSigningTime) {
        throw new error_1.VerificationError({
            code: 'TIMESTAMP_ERROR',
            message: 'timestamp was signed with an expired certificate',
        });
    }
    // Check that the signing certificate's key can be used to verify the
    // timestamp signature.
    timestamp.verify(data, signingKey);
}
// Filters the list of CAs to those which have a leaf signing certificate which
// matches the given serial number and issuer.
function filterCAsBySerialAndIssuer(timestampAuthorities, criteria) {
    return timestampAuthorities.filter((ca) => ca.certChain.length > 0 &&
        core_1.crypto.bufferEqual(ca.certChain[0].serialNumber, criteria.serialNumber) &&
        core_1.crypto.bufferEqual(ca.certChain[0].issuer, criteria.issuer));
}

Youez - 2016 - github.com/yon3zu
LinuXploit