@enactprotocol/shared 1.2.2 → 1.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/EnactCore.js +2 -16
- package/package.json +1 -1
package/dist/core/EnactCore.js
CHANGED
|
@@ -5,7 +5,7 @@ import { DaggerExecutionProvider } from "./DaggerExecutionProvider.js";
|
|
|
5
5
|
import { resolveToolEnvironmentVariables } from "../utils/env-loader.js";
|
|
6
6
|
import logger from "../exec/logger.js";
|
|
7
7
|
import yaml from "yaml";
|
|
8
|
-
import { CryptoUtils,
|
|
8
|
+
import { CryptoUtils, SecurityConfigManager, SigningService } from "@enactprotocol/security";
|
|
9
9
|
export class EnactCore {
|
|
10
10
|
constructor(options = {}) {
|
|
11
11
|
this.options = {
|
|
@@ -266,7 +266,6 @@ export class EnactCore {
|
|
|
266
266
|
}
|
|
267
267
|
}
|
|
268
268
|
async verifyTool(tool, dangerouslySkipVerification = false) {
|
|
269
|
-
console.log("=== VERIFY TOOL CALLED ===", tool.name, "skipVerification:", dangerouslySkipVerification);
|
|
270
269
|
if (dangerouslySkipVerification) {
|
|
271
270
|
logger.warn(`Skipping signature verification for tool: ${tool.name}`);
|
|
272
271
|
return;
|
|
@@ -275,9 +274,6 @@ export class EnactCore {
|
|
|
275
274
|
if (!tool.signatures || tool.signatures.length === 0) {
|
|
276
275
|
throw new Error(`Tool ${tool.name} does not have any signatures`);
|
|
277
276
|
}
|
|
278
|
-
console.log("=== TOOL SIGNATURE DATA ===");
|
|
279
|
-
console.log("Tool signatures from database:", JSON.stringify(tool.signatures, null, 2));
|
|
280
|
-
console.log("Tool command:", tool.command);
|
|
281
277
|
const documentForVerification = {
|
|
282
278
|
command: tool.command
|
|
283
279
|
};
|
|
@@ -289,22 +285,12 @@ export class EnactCore {
|
|
|
289
285
|
};
|
|
290
286
|
// Check what canonical document looks like
|
|
291
287
|
const canonicalDoc = SigningService.getCanonicalDocument(documentForVerification, { includeFields: ['command'] });
|
|
292
|
-
console.log("=== SIGNATURE VERIFICATION DEBUG ===");
|
|
293
|
-
console.log("Original document for verification:", JSON.stringify(documentForVerification, null, 2));
|
|
294
|
-
console.log("Canonical document:", JSON.stringify(canonicalDoc, null, 2));
|
|
295
288
|
const docString = JSON.stringify(canonicalDoc);
|
|
296
289
|
const messageHash = CryptoUtils.hash(docString);
|
|
297
|
-
console.log("Document string:", docString);
|
|
298
|
-
console.log("Message hash:", messageHash);
|
|
299
|
-
console.log("Reference signature object:", JSON.stringify(referenceSignature, null, 2));
|
|
300
290
|
// Test direct crypto verification
|
|
301
291
|
const directVerify = CryptoUtils.verify(referenceSignature.publicKey, messageHash, referenceSignature.signature);
|
|
302
|
-
console.log("KEITH DEBUG - Direct crypto verification result:", directVerify, "publicKey:", referenceSignature.publicKey);
|
|
303
292
|
// Check trusted keys
|
|
304
|
-
const trustedKeys = KeyManager.getAllTrustedPublicKeys();
|
|
305
|
-
console.log("Trusted keys:", trustedKeys);
|
|
306
|
-
console.log("Our referenceSignature.publicKey:", JSON.stringify(referenceSignature.publicKey));
|
|
307
|
-
console.log("Is our public key trusted?", trustedKeys.includes(referenceSignature.publicKey));
|
|
293
|
+
// const trustedKeys = KeyManager.getAllTrustedPublicKeys();
|
|
308
294
|
const isValid = SigningService.verifyDocument(documentForVerification, referenceSignature, { includeFields: ['command'] });
|
|
309
295
|
console.log("Final verification result:", isValid);
|
|
310
296
|
if (!isValid) {
|