Quad4-Software/software-station
2
0
Fork 0
Code Issues Pull Requests 5 Actions Packages Projects Releases 1 Wiki Activity

Update asset verification and user experience
All checks were successful
renovate / renovate (push) Successful in 2m8s
Details
CI / build (push) Successful in 10m24s
Details

Browse Source 
- Added SRI hash injection during frontend build to improve security.
- Updated ESLint configuration to include 'navigator' as a global variable.
- Introduced a new `settingsStore` to manage user preferences for asset verification.
- Enhanced `SoftwareCard` and `VerificationModal` components to display contributor information and security checks.
- Updated `verificationStore` to handle expanded toast notifications for detailed verification steps.
- Implemented a new `CodeBlock` component for displaying code snippets with syntax highlighting.
- Improved API documentation and added new endpoints for fetching software and asset details.
This commit is contained in:
ivan
2025-12-27 16:29:05 -06:00
parent 3605710875
commit 4c60e3cf4a
19 changed files with 1209 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
software-verifier/main.go
View File

@@ -11,20 +11,56 @@ import (
// verifySHA256 verifies that the SHA256 hash of the input data matches the provided expected hash.
func verifySHA256(this js.Value, args []js.Value) any {
if len(args) < 2 {
return js.ValueOf("invalid arguments: expected (data []uint8, expectedHash string)")
return js.ValueOf(map[string]any{
"valid": false,
"error": "invalid arguments: expected (data []uint8, expectedHash string)",
})
}
dataLen := args[0].Get("length").Int()
data := make([]byte, dataLen)
steps := []any{}
js.CopyBytesToGo(data, args[0])
steps = append(steps, map[string]any{
"name": "Data Loading",
"status": "success",
"details": fmt.Sprintf("Successfully read %d bytes into WASM memory", dataLen),
})
expectedHash := args[1].String()
actualHash := computeSHA256(data)
steps = append(steps, map[string]any{
"name": "Checksum Calculation",
"status": "success",
"details": fmt.Sprintf("Computed SHA256: %s", actualHash),
})
if actualHash == expectedHash {
return js.ValueOf(true)
steps = append(steps, map[string]any{
"name": "Identity Verification",
"status": "success",
"details": "Computed hash matches the signed manifest",
})
return js.ValueOf(map[string]any{
"valid": true,
"steps": steps,
})
}
return js.ValueOf(fmt.Sprintf("hash mismatch: got %s, expected %s", actualHash, expectedHash))
steps = append(steps, map[string]any{
"name": "Identity Verification",
"status": "error",
"details": fmt.Sprintf("Hash mismatch! Got %s, expected %s", actualHash, expectedHash),
})
return js.ValueOf(map[string]any{
"valid": false,
"steps": steps,
"error": fmt.Sprintf("hash mismatch: got %s, expected %s", actualHash, expectedHash),
})
}
// main initializes the WebAssembly module and exposes verifySHA256 to the JavaScript global scope.