pdm/stream_deck_notion_timer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add Ed25519 signature verification to auto-updater (v1.0.4)

Browse Source
This commit is contained in:
pdmarf
2026-04-10 20:20:10 +01:00
parent acb90f2d69
commit 84d5e96487
7 changed files with 94 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
scripts/sign.js Normal file
View File

@@ -0,0 +1,23 @@
#!/usr/bin/env node
// Signs plugin.js with the Ed25519 private key, producing plugin.js.sig
// The private key lives at ~/.notion-timer-signing-key.pem and is never committed.
const { sign } = require("crypto");
const fs = require("fs");
const path = require("path");
const PLUGIN_JS = path.join(__dirname, "../com.pdma.notion-timer.sdPlugin/bin/plugin.js");
const SIG_FILE = PLUGIN_JS + ".sig";
const KEY_FILE = path.join(process.env.HOME, ".notion-timer-signing-key.pem");
if (!fs.existsSync(KEY_FILE)) {
console.error(`Signing key not found at ${KEY_FILE}`);
process.exit(1);
}
const privateKey = fs.readFileSync(KEY_FILE, "utf8");
const payload = fs.readFileSync(PLUGIN_JS);
const signature = sign(null, payload, privateKey);
fs.writeFileSync(SIG_FILE, signature);
console.log(`Signed: ${path.basename(SIG_FILE)} (${signature.length} bytes)`);