@atproto/aws 0.1.4 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +15 -0
- package/dist/index.js +26 -2
- package/dist/index.js.map +2 -2
- package/package.json +3 -3
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,20 @@
|
|
|
1
1
|
# @atproto/aws
|
|
2
2
|
|
|
3
|
+
## 0.1.6
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- Updated dependencies []:
|
|
8
|
+
- @atproto/repo@0.3.6
|
|
9
|
+
|
|
10
|
+
## 0.1.5
|
|
11
|
+
|
|
12
|
+
### Patch Changes
|
|
13
|
+
|
|
14
|
+
- Updated dependencies [[`e1b5f253`](https://github.com/bluesky-social/atproto/commit/e1b5f2537a5ba4d8b951a741269b604856028ae5)]:
|
|
15
|
+
- @atproto/crypto@0.3.0
|
|
16
|
+
- @atproto/repo@0.3.5
|
|
17
|
+
|
|
3
18
|
## 0.1.4
|
|
4
19
|
|
|
5
20
|
### Patch Changes
|
package/dist/index.js
CHANGED
|
@@ -138560,11 +138560,23 @@ var verifyDidSig = async (did2, data, sig, opts) => {
|
|
|
138560
138560
|
return verifySig(keyBytes, data, sig, opts);
|
|
138561
138561
|
};
|
|
138562
138562
|
var verifySig = async (publicKey, data, sig, opts) => {
|
|
138563
|
+
const allowMalleable = opts?.allowMalleableSig ?? false;
|
|
138563
138564
|
const msgHash = await sha256(data);
|
|
138565
|
+
if (!allowMalleable && !isCompactFormat(sig)) {
|
|
138566
|
+
return false;
|
|
138567
|
+
}
|
|
138564
138568
|
return p256.verify(sig, msgHash, publicKey, {
|
|
138565
|
-
lowS:
|
|
138569
|
+
lowS: !allowMalleable
|
|
138566
138570
|
});
|
|
138567
138571
|
};
|
|
138572
|
+
var isCompactFormat = (sig) => {
|
|
138573
|
+
try {
|
|
138574
|
+
const parsed = p256.Signature.fromCompact(sig);
|
|
138575
|
+
return equals(parsed.toCompactRawBytes(), sig);
|
|
138576
|
+
} catch {
|
|
138577
|
+
return false;
|
|
138578
|
+
}
|
|
138579
|
+
};
|
|
138568
138580
|
|
|
138569
138581
|
// ../crypto/src/p256/plugin.ts
|
|
138570
138582
|
var p256Plugin = {
|
|
@@ -138583,11 +138595,23 @@ var verifyDidSig2 = async (did2, data, sig, opts) => {
|
|
|
138583
138595
|
return verifySig2(keyBytes, data, sig, opts);
|
|
138584
138596
|
};
|
|
138585
138597
|
var verifySig2 = async (publicKey, data, sig, opts) => {
|
|
138598
|
+
const allowMalleable = opts?.allowMalleableSig ?? false;
|
|
138586
138599
|
const msgHash = await sha256(data);
|
|
138600
|
+
if (!allowMalleable && !isCompactFormat2(sig)) {
|
|
138601
|
+
return false;
|
|
138602
|
+
}
|
|
138587
138603
|
return secp256k1.verify(sig, msgHash, publicKey, {
|
|
138588
|
-
lowS:
|
|
138604
|
+
lowS: !allowMalleable
|
|
138589
138605
|
});
|
|
138590
138606
|
};
|
|
138607
|
+
var isCompactFormat2 = (sig) => {
|
|
138608
|
+
try {
|
|
138609
|
+
const parsed = secp256k1.Signature.fromCompact(sig);
|
|
138610
|
+
return equals(parsed.toCompactRawBytes(), sig);
|
|
138611
|
+
} catch {
|
|
138612
|
+
return false;
|
|
138613
|
+
}
|
|
138614
|
+
};
|
|
138591
138615
|
|
|
138592
138616
|
// ../crypto/src/secp256k1/plugin.ts
|
|
138593
138617
|
var secp256k1Plugin = {
|