Add standard implementation for ASAR Integrity info #410
Description
From @nmggithub:
Something I came across as I was working on my @electron/asar PR: it seems the ASAR Integrity feature is implemented across multiple different projects.
@electron/fuses just seems to flip the fuse, not actually add the integrity information
@electron/packager includes an implementation of getting the integrity information (https://github.com/electron/packager/blob/v19.0.5/src/platform.ts#L364-L372)
@electron/universal has its own implementation of getting the integrity information (https://github.com/electron/universal/blob/v3.0.2/src/asar-utils.ts#L54-L62)
electron itself has an implementation as well (https://github.com/electron/electron/blob/v41.0.0/script/gn-asar-hash.js)
electron itself also seems to have a spec file that tests the common implementation (https://github.com/electron/electron/blob/v41.0.0/spec/asar-integrity-spec.ts#L114)I'm wondering what makes sense for features like this. Keeping @electron/fuses scoped to just flipping the fuses is nice and simple, but when a fuse requires side-effects (like actually adding the integrity information) that does seem to force the implementation of those side-effects to live elsewhere. I think it might make more sense for @electron/asar to hold the "single source of truth" for the implementation of ASAR Integrity, but that would be expanding its scope a bit since its designed, first and foremost, to manipulate .asar files, not the apps that contain them. My PR did push it a bit into the latter direction, though.