@atproto/aws 0.1.3 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +17 -0
- package/LICENSE.txt +7 -0
- package/dist/index.js +36 -8
- package/dist/index.js.map +2 -2
- package/package.json +4 -4
- package/LICENSE +0 -21
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,22 @@
|
|
|
1
1
|
# @atproto/aws
|
|
2
2
|
|
|
3
|
+
## 0.1.5
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- Updated dependencies [[`e1b5f253`](https://github.com/bluesky-social/atproto/commit/e1b5f2537a5ba4d8b951a741269b604856028ae5)]:
|
|
8
|
+
- @atproto/crypto@0.3.0
|
|
9
|
+
- @atproto/repo@0.3.5
|
|
10
|
+
|
|
11
|
+
## 0.1.4
|
|
12
|
+
|
|
13
|
+
### Patch Changes
|
|
14
|
+
|
|
15
|
+
- Updated dependencies [[`84e2d4d2`](https://github.com/bluesky-social/atproto/commit/84e2d4d2b6694f344d80c18672c78b650189d423)]:
|
|
16
|
+
- @atproto/common@0.3.3
|
|
17
|
+
- @atproto/crypto@0.2.3
|
|
18
|
+
- @atproto/repo@0.3.4
|
|
19
|
+
|
|
3
20
|
## 0.1.3
|
|
4
21
|
|
|
5
22
|
### Patch Changes
|
package/LICENSE.txt
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
Dual MIT/Apache-2.0 License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2022-2023 Bluesky PBC, and Contributors
|
|
4
|
+
|
|
5
|
+
Except as otherwise noted in individual files, this software is licensed under the MIT license (<http://opensource.org/licenses/MIT>), or the Apache License, Version 2.0 (<http://www.apache.org/licenses/LICENSE-2.0>).
|
|
6
|
+
|
|
7
|
+
Downstream projects and end users may chose either license individually, or both together, at their discretion. The motivation for this dual-licensing is the additional software patent assurance provided by Apache 2.0.
|
package/dist/index.js
CHANGED
|
@@ -138552,16 +138552,30 @@ var decompressPubkey2 = (compressed) => {
|
|
|
138552
138552
|
};
|
|
138553
138553
|
|
|
138554
138554
|
// ../crypto/src/p256/operations.ts
|
|
138555
|
-
var verifyDidSig = async (did2, data, sig) => {
|
|
138555
|
+
var verifyDidSig = async (did2, data, sig, opts) => {
|
|
138556
138556
|
const { jwtAlg, keyBytes } = parseDidKey(did2);
|
|
138557
138557
|
if (jwtAlg !== P256_JWT_ALG) {
|
|
138558
138558
|
throw new Error(`Not a P-256 did:key: ${did2}`);
|
|
138559
138559
|
}
|
|
138560
|
-
return verifySig(keyBytes, data, sig);
|
|
138560
|
+
return verifySig(keyBytes, data, sig, opts);
|
|
138561
138561
|
};
|
|
138562
|
-
var verifySig = async (publicKey, data, sig) => {
|
|
138562
|
+
var verifySig = async (publicKey, data, sig, opts) => {
|
|
138563
|
+
const allowMalleable = opts?.allowMalleableSig ?? false;
|
|
138563
138564
|
const msgHash = await sha256(data);
|
|
138564
|
-
|
|
138565
|
+
if (!allowMalleable && !isCompactFormat(sig)) {
|
|
138566
|
+
return false;
|
|
138567
|
+
}
|
|
138568
|
+
return p256.verify(sig, msgHash, publicKey, {
|
|
138569
|
+
lowS: !allowMalleable
|
|
138570
|
+
});
|
|
138571
|
+
};
|
|
138572
|
+
var isCompactFormat = (sig) => {
|
|
138573
|
+
try {
|
|
138574
|
+
const parsed = p256.Signature.fromCompact(sig);
|
|
138575
|
+
return equals(parsed.toCompactRawBytes(), sig);
|
|
138576
|
+
} catch {
|
|
138577
|
+
return false;
|
|
138578
|
+
}
|
|
138565
138579
|
};
|
|
138566
138580
|
|
|
138567
138581
|
// ../crypto/src/p256/plugin.ts
|
|
@@ -138573,16 +138587,30 @@ var p256Plugin = {
|
|
|
138573
138587
|
var plugin_default = p256Plugin;
|
|
138574
138588
|
|
|
138575
138589
|
// ../crypto/src/secp256k1/operations.ts
|
|
138576
|
-
var verifyDidSig2 = async (did2, data, sig) => {
|
|
138590
|
+
var verifyDidSig2 = async (did2, data, sig, opts) => {
|
|
138577
138591
|
const { jwtAlg, keyBytes } = parseDidKey(did2);
|
|
138578
138592
|
if (jwtAlg !== SECP256K1_JWT_ALG) {
|
|
138579
138593
|
throw new Error(`Not a secp256k1 did:key: ${did2}`);
|
|
138580
138594
|
}
|
|
138581
|
-
return verifySig2(keyBytes, data, sig);
|
|
138595
|
+
return verifySig2(keyBytes, data, sig, opts);
|
|
138582
138596
|
};
|
|
138583
|
-
var verifySig2 = async (publicKey, data, sig) => {
|
|
138597
|
+
var verifySig2 = async (publicKey, data, sig, opts) => {
|
|
138598
|
+
const allowMalleable = opts?.allowMalleableSig ?? false;
|
|
138584
138599
|
const msgHash = await sha256(data);
|
|
138585
|
-
|
|
138600
|
+
if (!allowMalleable && !isCompactFormat2(sig)) {
|
|
138601
|
+
return false;
|
|
138602
|
+
}
|
|
138603
|
+
return secp256k1.verify(sig, msgHash, publicKey, {
|
|
138604
|
+
lowS: !allowMalleable
|
|
138605
|
+
});
|
|
138606
|
+
};
|
|
138607
|
+
var isCompactFormat2 = (sig) => {
|
|
138608
|
+
try {
|
|
138609
|
+
const parsed = secp256k1.Signature.fromCompact(sig);
|
|
138610
|
+
return equals(parsed.toCompactRawBytes(), sig);
|
|
138611
|
+
} catch {
|
|
138612
|
+
return false;
|
|
138613
|
+
}
|
|
138586
138614
|
};
|
|
138587
138615
|
|
|
138588
138616
|
// ../crypto/src/secp256k1/plugin.ts
|