@atproto/aws 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,13 @@
1
1
  # @atproto/aws
2
2
 
3
+ ## 0.1.5
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies [[`e1b5f253`](https://github.com/bluesky-social/atproto/commit/e1b5f2537a5ba4d8b951a741269b604856028ae5)]:
8
+ - @atproto/crypto@0.3.0
9
+ - @atproto/repo@0.3.5
10
+
3
11
  ## 0.1.4
4
12
 
5
13
  ### Patch Changes
package/dist/index.js CHANGED
@@ -138560,11 +138560,23 @@ var verifyDidSig = async (did2, data, sig, opts) => {
138560
138560
  return verifySig(keyBytes, data, sig, opts);
138561
138561
  };
138562
138562
  var verifySig = async (publicKey, data, sig, opts) => {
138563
+ const allowMalleable = opts?.allowMalleableSig ?? false;
138563
138564
  const msgHash = await sha256(data);
138565
+ if (!allowMalleable && !isCompactFormat(sig)) {
138566
+ return false;
138567
+ }
138564
138568
  return p256.verify(sig, msgHash, publicKey, {
138565
- lowS: opts?.lowS ?? true
138569
+ lowS: !allowMalleable
138566
138570
  });
138567
138571
  };
138572
+ var isCompactFormat = (sig) => {
138573
+ try {
138574
+ const parsed = p256.Signature.fromCompact(sig);
138575
+ return equals(parsed.toCompactRawBytes(), sig);
138576
+ } catch {
138577
+ return false;
138578
+ }
138579
+ };
138568
138580
 
138569
138581
  // ../crypto/src/p256/plugin.ts
138570
138582
  var p256Plugin = {
@@ -138583,11 +138595,23 @@ var verifyDidSig2 = async (did2, data, sig, opts) => {
138583
138595
  return verifySig2(keyBytes, data, sig, opts);
138584
138596
  };
138585
138597
  var verifySig2 = async (publicKey, data, sig, opts) => {
138598
+ const allowMalleable = opts?.allowMalleableSig ?? false;
138586
138599
  const msgHash = await sha256(data);
138600
+ if (!allowMalleable && !isCompactFormat2(sig)) {
138601
+ return false;
138602
+ }
138587
138603
  return secp256k1.verify(sig, msgHash, publicKey, {
138588
- lowS: opts?.lowS ?? true
138604
+ lowS: !allowMalleable
138589
138605
  });
138590
138606
  };
138607
+ var isCompactFormat2 = (sig) => {
138608
+ try {
138609
+ const parsed = secp256k1.Signature.fromCompact(sig);
138610
+ return equals(parsed.toCompactRawBytes(), sig);
138611
+ } catch {
138612
+ return false;
138613
+ }
138614
+ };
138591
138615
 
138592
138616
  // ../crypto/src/secp256k1/plugin.ts
138593
138617
  var secp256k1Plugin = {