wbn-sign: Add support for calculating the Web Bundle ID with CLI tool

This adds the support to automatically calculate the Web Bundle ID also
when using the package's Node CLI tool without Webpack / Rollup plugins.

There's two options how to output the ID:
1. Printing to the console
2. Creating a file where it is saved.

In the case of a bash script, the file can be read and saved into an
environment variable for example like this:
`export DUMP_WEB_BUNDLE_ID="$(<webbundleid.txt )"`

js/sign/bin/wbn-dump-id.js

@@ -0,0 +1,4 @@
+#!/usr/bin/env node
+import { main } from '../lib/cli-dump-id.js';
+
+main();

js/sign/bin/wbn-sign.js

@@ -1,4 +1,4 @@
 #!/usr/bin/env node
-import { main } from '../lib/cli.js';
+import { main } from '../lib/cli-sign.js';
 
 main();

js/sign/package.json

@@ -18,7 +18,8 @@
     "lint": "npx prettier --write . --ignore-unknown --config ./package.json"
   },
   "bin": {
-    "wbn-sign": "./bin/wbn-sign.js"
+    "wbn-sign": "./bin/wbn-sign.js",
+    "wbn-dump-id": "./bin/wbn-dump-id.js"
   },
   "repository": {
     "type": "git",

js/sign/src/cli-dump-id.ts

@@ -0,0 +1,47 @@
+import commander from 'commander';
+import { WebBundleId } from './wbn-sign.js';
+import * as fs from 'fs';
+import { greenConsoleLog, parseMaybeEncryptedKey } from './utils/cli-utils.js';
+import { KeyObject } from 'crypto';
+
+const program = new commander.Command()
+  .name('wbn-dump-id')
+  .description(
+    'A simple CLI tool to dump the Web Bundle ID matching to the given private key.'
+  );
+
+function readOptions() {
+  return program
+    .requiredOption(
+      '-k, --privateKey <file>',
+      'path to ed25519 private key (required)'
+    )
+    .option(
+      '-s, --scheme',
+      'Dumps the Web Bundle ID with isolated-app:// scheme. By default it only dumps the ID.',
+      /*defaultValue=*/ false
+    )
+    .option(
+      '-o, --output <"print" OR fileName>',
+      'Either prints the Web Bundle ID to the console or saves it into a file with the given name.',
+      /*defaultValue=*/ 'print'
+    )
+    .parse(process.argv);
+}
+
+export async function main() {
+  const options = readOptions();
+  const parsedPrivateKey: KeyObject = await parseMaybeEncryptedKey(
+    fs.readFileSync(options.privateKey)
+  );
+
+  const webBundleId = options.scheme
+    ? new WebBundleId(parsedPrivateKey).serializeWithIsolatedWebAppOrigin()
+    : new WebBundleId(parsedPrivateKey).serialize();
+
+  if (options.output === 'print') {
+    greenConsoleLog(webBundleId);
+  } else {
+    fs.writeFileSync(options.output, webBundleId);
+  }
+}

js/sign/src/cli-sign.ts

@@ -0,0 +1,48 @@
+import commander from 'commander';
+import {
+  NodeCryptoSigningStrategy,
+  IntegrityBlockSigner,
+  WebBundleId,
+} from './wbn-sign.js';
+import * as fs from 'fs';
+import { greenConsoleLog, parseMaybeEncryptedKey } from './utils/cli-utils.js';
+import { KeyObject } from 'crypto';
+
+const program = new commander.Command()
+  .name('wbn-sign')
+  .description(
+    'A simple CLI tool to sign the given web bundle with the given private key.'
+  );
+
+function readOptions() {
+  return program
+    .requiredOption(
+      '-i, --input <file>',
+      'input web bundle to be signed (required)'
+    )
+    .requiredOption(
+      '-k, --privateKey <file>',
+      'path to ed25519 private key (required)'
+    )
+    .option(
+      '-o, --output <file>',
+      'signed web bundle output file',
+      'signed.wbn'
+    )
+    .parse(process.argv);
+}
+
+export async function main() {
+  const options = readOptions();
+  const webBundle = fs.readFileSync(options.input);
+  const parsedPrivateKey: KeyObject = await parseMaybeEncryptedKey(
+    fs.readFileSync(options.privateKey)
+  );
+  const signer = new IntegrityBlockSigner(
+    webBundle,
+    new NodeCryptoSigningStrategy(parsedPrivateKey)
+  );
+  const { signedWebBundle } = await signer.sign();
+  greenConsoleLog(`${new WebBundleId(parsedPrivateKey)}`);
+  fs.writeFileSync(options.output, signedWebBundle);
+}

js/sign/src/cli.ts → js/sign/src/utils/cli-utils.ts

@@ -1,32 +1,6 @@
-import commander from 'commander';
-import {
-  NodeCryptoSigningStrategy,
-  IntegrityBlockSigner,
-  WebBundleId,
-  parsePemKey,
-  readPassphrase,
-} from './wbn-sign.js';
-import * as fs from 'fs';
+import { WebBundleId, parsePemKey, readPassphrase } from '../wbn-sign.js';
 import { KeyObject } from 'crypto';
 
-function readOptions() {
-  return commander
-    .requiredOption(
-      '-i, --input <file>',
-      'input web bundle to be signed (required)'
-    )
-    .requiredOption(
-      '-k, --privateKey <file>',
-      'path to ed25519 private key (required)'
-    )
-    .option(
-      '-o, --output <file>',
-      'signed web bundle output file',
-      'signed.wbn'
-    )
-    .parse(process.argv);
-}
-
 // Parses either an unencrypted or encrypted private key. For encrypted keys, it
 // reads the passphrase to decrypt them from either the
 // `WEB_BUNDLE_SIGNING_PASSPHRASE` environment variable, or, if not set, prompts
@@ -64,24 +38,7 @@ export async function parseMaybeEncryptedKey(
   }
 }
 
-export async function main() {
-  const options = readOptions();
-  const webBundle = fs.readFileSync(options.input);
-  const parsedPrivateKey = await parseMaybeEncryptedKey(
-    fs.readFileSync(options.privateKey)
-  );
-  const signer = new IntegrityBlockSigner(
-    webBundle,
-    new NodeCryptoSigningStrategy(parsedPrivateKey)
-  );
-  const { signedWebBundle } = await signer.sign();
-
+export function greenConsoleLog(textToPrint: string): void {
   const consoleLogColor = { green: '\x1b[32m', reset: '\x1b[0m' };
-  console.log(
-    `${consoleLogColor.green}${new WebBundleId(parsedPrivateKey)}${
-      consoleLogColor.reset
-    }`
-  );
-
-  fs.writeFileSync(options.output, signedWebBundle);
+  console.log(`${consoleLogColor.green}${textToPrint}${consoleLogColor.reset}`);
 }