@atproto/crypto 0.2.1 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md ADDED
@@ -0,0 +1,7 @@
1
+ # @atproto/crypto
2
+
3
+ ## 0.2.3
4
+
5
+ ### Patch Changes
6
+
7
+ - [#1788](https://github.com/bluesky-social/atproto/pull/1788) [`84e2d4d2`](https://github.com/bluesky-social/atproto/commit/84e2d4d2b6694f344d80c18672c78b650189d423) Thanks [@bnewbold](https://github.com/bnewbold)! - update license to "MIT or Apache2"
package/LICENSE.txt ADDED
@@ -0,0 +1,7 @@
1
+ Dual MIT/Apache-2.0 License
2
+
3
+ Copyright (c) 2022-2023 Bluesky PBC, and Contributors
4
+
5
+ Except as otherwise noted in individual files, this software is licensed under the MIT license (<http://opensource.org/licenses/MIT>), or the Apache License, Version 2.0 (<http://www.apache.org/licenses/LICENSE-2.0>).
6
+
7
+ Downstream projects and end users may chose either license individually, or both together, at their discretion. The motivation for this dual-licensing is the additional software patent assurance provided by Apache 2.0.
package/README.md CHANGED
@@ -1,3 +1,51 @@
1
- # ATP Crypto Library
1
+ # @atproto/crypto
2
2
 
3
- ATP's common cryptographic operations.
3
+ TypeScript library providing basic cryptographic helpers as needed in [atproto](https://atproto.com).
4
+
5
+ [![NPM](https://img.shields.io/npm/v/@atproto/crypto)](https://www.npmjs.com/package/@atproto/crypto)
6
+ [![Github CI Status](https://github.com/bluesky-social/atproto/actions/workflows/repo.yaml/badge.svg)](https://github.com/bluesky-social/atproto/actions/workflows/repo.yaml)
7
+
8
+ This package implements the two currently supported cryptographic systems:
9
+
10
+ - P-256 elliptic curve: aka "NIST P-256", aka secp256r1 (note the r), aka prime256v1
11
+ - K-256 elliptic curve: aka "NIST K-256", aka secp256k1 (note the k)
12
+
13
+ The details of cryptography in atproto are described in [the specification](https://atproto.com/specs/cryptography). This includes string encodings, validity of "low-S" signatures, byte representation "compression", hashing, and more.
14
+
15
+ ## Usage
16
+
17
+ ```typescript
18
+ import { verifySignature, Secp256k1Keypair, P256Keypair } from '@atproto/crypto'
19
+
20
+ // generate a new random K-256 private key
21
+ const keypair = await Secp256k1Keypair.create({ exportable: true })
22
+
23
+ // sign binary data, resulting signature bytes.
24
+ // SHA-256 hash of data is what actually gets signed.
25
+ // signature output is often base64-encoded.
26
+ const data = new Uint8Array([1, 2, 3, 4, 5, 6, 7, 8])
27
+ const sig = await keypair.sign(data)
28
+
29
+ // serialize the public key as a did:key string, which includes key type metadata
30
+ const pubDidKey = keypair.did()
31
+ console.log(pubDidKey)
32
+
33
+ // output would look something like: 'did:key:zQ3shVRtgqTRHC7Lj4DYScoDgReNpsDp3HBnuKBKt1FSXKQ38'
34
+
35
+ // verify signature using public key
36
+ const ok = verifySignature(pubDidKey, data, sig)
37
+ if (!ok) {
38
+ throw new Error('Uh oh, something is fishy')
39
+ } else {
40
+ console.log('Success')
41
+ }
42
+ ```
43
+
44
+ ## License
45
+
46
+ This project is dual-licensed under MIT and Apache 2.0 terms:
47
+
48
+ - MIT license ([LICENSE-MIT.txt](https://github.com/bluesky-social/atproto/blob/main/LICENSE-MIT.txt) or http://opensource.org/licenses/MIT)
49
+ - Apache License, Version 2.0, ([LICENSE-APACHE.txt](https://github.com/bluesky-social/atproto/blob/main/LICENSE-APACHE.txt) or http://www.apache.org/licenses/LICENSE-2.0)
50
+
51
+ Downstream projects and end users may chose either license individually, or both together, at their discretion. The motivation for this dual-licensing is the additional software patent assurance provided by Apache 2.0.
package/build.js CHANGED
@@ -1,16 +1,8 @@
1
- const pkgJson = require('@npmcli/package-json')
2
1
  const { nodeExternalsPlugin } = require('esbuild-node-externals')
3
2
 
4
3
  const buildShallow =
5
4
  process.argv.includes('--shallow') || process.env.ATP_BUILD_SHALLOW === 'true'
6
5
 
7
- if (process.argv.includes('--update-main-to-dist')) {
8
- return pkgJson
9
- .load(__dirname)
10
- .then((pkg) => pkg.update({ main: 'dist/index.js' }))
11
- .then((pkg) => pkg.save())
12
- }
13
-
14
6
  require('esbuild').build({
15
7
  logLevel: 'info',
16
8
  entryPoints: ['src/index.ts'],
package/dist/index.js CHANGED
@@ -17,10 +17,7 @@ var __copyProps = (to, from3, except, desc) => {
17
17
  }
18
18
  return to;
19
19
  };
20
- var __toESM = (mod2, isNodeMode, target) => (target = mod2 != null ? __create(__getProtoOf(mod2)) : {}, __copyProps(
21
- isNodeMode || !mod2 || !mod2.__esModule ? __defProp(target, "default", { value: mod2, enumerable: true }) : target,
22
- mod2
23
- ));
20
+ var __toESM = (mod2, isNodeMode, target) => (target = mod2 != null ? __create(__getProtoOf(mod2)) : {}, __copyProps(isNodeMode || !mod2 || !mod2.__esModule ? __defProp(target, "default", { value: mod2, enumerable: true }) : target, mod2));
24
21
  var __toCommonJS = (mod2) => __copyProps(__defProp({}, "__esModule", { value: true }), mod2);
25
22
 
26
23
  // src/index.ts
@@ -59,7 +56,7 @@ var DID_KEY_PREFIX = "did:key:";
59
56
  var P256_JWT_ALG = "ES256";
60
57
  var SECP256K1_JWT_ALG = "ES256K";
61
58
 
62
- // ../../node_modules/uint8arrays/esm/src/concat.js
59
+ // ../../node_modules/.pnpm/uint8arrays@3.0.0/node_modules/uint8arrays/esm/src/concat.js
63
60
  function concat(arrays, length2) {
64
61
  if (!length2) {
65
62
  length2 = arrays.reduce((acc, curr) => acc + curr.length, 0);
@@ -73,7 +70,7 @@ function concat(arrays, length2) {
73
70
  return output2;
74
71
  }
75
72
 
76
- // ../../node_modules/uint8arrays/esm/src/equals.js
73
+ // ../../node_modules/.pnpm/uint8arrays@3.0.0/node_modules/uint8arrays/esm/src/equals.js
77
74
  function equals(a, b) {
78
75
  if (a === b) {
79
76
  return true;
@@ -89,13 +86,13 @@ function equals(a, b) {
89
86
  return true;
90
87
  }
91
88
 
92
- // ../../node_modules/multiformats/esm/src/bases/identity.js
89
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/identity.js
93
90
  var identity_exports = {};
94
91
  __export(identity_exports, {
95
92
  identity: () => identity
96
93
  });
97
94
 
98
- // ../../node_modules/multiformats/esm/vendor/base-x.js
95
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/vendor/base-x.js
99
96
  function base(ALPHABET, name2) {
100
97
  if (ALPHABET.length >= 255) {
101
98
  throw new TypeError("Alphabet too long");
@@ -231,7 +228,7 @@ var src = base;
231
228
  var _brrp__multiformats_scope_baseX = src;
232
229
  var base_x_default = _brrp__multiformats_scope_baseX;
233
230
 
234
- // ../../node_modules/multiformats/esm/src/bytes.js
231
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bytes.js
235
232
  var empty = new Uint8Array(0);
236
233
  var equals2 = (aa, bb) => {
237
234
  if (aa === bb)
@@ -259,7 +256,7 @@ var coerce = (o) => {
259
256
  var fromString = (str) => new TextEncoder().encode(str);
260
257
  var toString = (b) => new TextDecoder().decode(b);
261
258
 
262
- // ../../node_modules/multiformats/esm/src/bases/base.js
259
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base.js
263
260
  var Encoder = class {
264
261
  constructor(name2, prefix, baseEncode) {
265
262
  this.name = name2;
@@ -412,7 +409,7 @@ var rfc4648 = ({ name: name2, prefix, bitsPerChar, alphabet: alphabet2 }) => {
412
409
  });
413
410
  };
414
411
 
415
- // ../../node_modules/multiformats/esm/src/bases/identity.js
412
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/identity.js
416
413
  var identity = from({
417
414
  prefix: "\0",
418
415
  name: "identity",
@@ -420,7 +417,7 @@ var identity = from({
420
417
  decode: (str) => fromString(str)
421
418
  });
422
419
 
423
- // ../../node_modules/multiformats/esm/src/bases/base2.js
420
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base2.js
424
421
  var base2_exports = {};
425
422
  __export(base2_exports, {
426
423
  base2: () => base2
@@ -432,7 +429,7 @@ var base2 = rfc4648({
432
429
  bitsPerChar: 1
433
430
  });
434
431
 
435
- // ../../node_modules/multiformats/esm/src/bases/base8.js
432
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base8.js
436
433
  var base8_exports = {};
437
434
  __export(base8_exports, {
438
435
  base8: () => base8
@@ -444,7 +441,7 @@ var base8 = rfc4648({
444
441
  bitsPerChar: 3
445
442
  });
446
443
 
447
- // ../../node_modules/multiformats/esm/src/bases/base10.js
444
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base10.js
448
445
  var base10_exports = {};
449
446
  __export(base10_exports, {
450
447
  base10: () => base10
@@ -455,7 +452,7 @@ var base10 = baseX({
455
452
  alphabet: "0123456789"
456
453
  });
457
454
 
458
- // ../../node_modules/multiformats/esm/src/bases/base16.js
455
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base16.js
459
456
  var base16_exports = {};
460
457
  __export(base16_exports, {
461
458
  base16: () => base16,
@@ -474,7 +471,7 @@ var base16upper = rfc4648({
474
471
  bitsPerChar: 4
475
472
  });
476
473
 
477
- // ../../node_modules/multiformats/esm/src/bases/base32.js
474
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base32.js
478
475
  var base32_exports = {};
479
476
  __export(base32_exports, {
480
477
  base32: () => base32,
@@ -542,7 +539,7 @@ var base32z = rfc4648({
542
539
  bitsPerChar: 5
543
540
  });
544
541
 
545
- // ../../node_modules/multiformats/esm/src/bases/base36.js
542
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base36.js
546
543
  var base36_exports = {};
547
544
  __export(base36_exports, {
548
545
  base36: () => base36,
@@ -559,7 +556,7 @@ var base36upper = baseX({
559
556
  alphabet: "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
560
557
  });
561
558
 
562
- // ../../node_modules/multiformats/esm/src/bases/base58.js
559
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base58.js
563
560
  var base58_exports = {};
564
561
  __export(base58_exports, {
565
562
  base58btc: () => base58btc,
@@ -576,7 +573,7 @@ var base58flickr = baseX({
576
573
  alphabet: "123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ"
577
574
  });
578
575
 
579
- // ../../node_modules/multiformats/esm/src/bases/base64.js
576
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base64.js
580
577
  var base64_exports = {};
581
578
  __export(base64_exports, {
582
579
  base64: () => base64,
@@ -609,7 +606,7 @@ var base64urlpad = rfc4648({
609
606
  bitsPerChar: 6
610
607
  });
611
608
 
612
- // ../../node_modules/multiformats/esm/src/bases/base256emoji.js
609
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/bases/base256emoji.js
613
610
  var base256emoji_exports = {};
614
611
  __export(base256emoji_exports, {
615
612
  base256emoji: () => base256emoji
@@ -647,7 +644,7 @@ var base256emoji = from({
647
644
  decode: decode2
648
645
  });
649
646
 
650
- // ../../node_modules/multiformats/esm/src/hashes/sha2.js
647
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/hashes/sha2.js
651
648
  var sha2_exports = {};
652
649
  __export(sha2_exports, {
653
650
  sha256: () => sha256,
@@ -655,7 +652,7 @@ __export(sha2_exports, {
655
652
  });
656
653
  var import_crypto = __toESM(require("crypto"), 1);
657
654
 
658
- // ../../node_modules/multiformats/esm/vendor/varint.js
655
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/vendor/varint.js
659
656
  var encode_1 = encode3;
660
657
  var MSB = 128;
661
658
  var REST = 127;
@@ -714,7 +711,7 @@ var varint = {
714
711
  var _brrp_varint = varint;
715
712
  var varint_default = _brrp_varint;
716
713
 
717
- // ../../node_modules/multiformats/esm/src/varint.js
714
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/varint.js
718
715
  var decode4 = (data, offset = 0) => {
719
716
  const code2 = varint_default.decode(data, offset);
720
717
  return [
@@ -730,7 +727,7 @@ var encodingLength = (int) => {
730
727
  return varint_default.encodingLength(int);
731
728
  };
732
729
 
733
- // ../../node_modules/multiformats/esm/src/hashes/digest.js
730
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/hashes/digest.js
734
731
  var create = (code2, digest2) => {
735
732
  const size = digest2.byteLength;
736
733
  const sizeOffset = encodingLength(code2);
@@ -767,7 +764,7 @@ var Digest = class {
767
764
  }
768
765
  };
769
766
 
770
- // ../../node_modules/multiformats/esm/src/hashes/hasher.js
767
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/hashes/hasher.js
771
768
  var from2 = ({ name: name2, code: code2, encode: encode5 }) => new Hasher(name2, code2, encode5);
772
769
  var Hasher = class {
773
770
  constructor(name2, code2, encode5) {
@@ -785,7 +782,7 @@ var Hasher = class {
785
782
  }
786
783
  };
787
784
 
788
- // ../../node_modules/multiformats/esm/src/hashes/sha2.js
785
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/hashes/sha2.js
789
786
  var sha256 = from2({
790
787
  name: "sha2-256",
791
788
  code: 18,
@@ -797,7 +794,7 @@ var sha512 = from2({
797
794
  encode: (input) => coerce(import_crypto.default.createHash("sha512").update(input).digest())
798
795
  });
799
796
 
800
- // ../../node_modules/multiformats/esm/src/hashes/identity.js
797
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/hashes/identity.js
801
798
  var identity_exports2 = {};
802
799
  __export(identity_exports2, {
803
800
  identity: () => identity2
@@ -813,11 +810,11 @@ var identity2 = {
813
810
  digest
814
811
  };
815
812
 
816
- // ../../node_modules/multiformats/esm/src/codecs/json.js
813
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/codecs/json.js
817
814
  var textEncoder = new TextEncoder();
818
815
  var textDecoder = new TextDecoder();
819
816
 
820
- // ../../node_modules/multiformats/esm/src/cid.js
817
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/cid.js
821
818
  var CID = class {
822
819
  constructor(version2, code2, multihash, bytes2) {
823
820
  this.code = code2;
@@ -1122,7 +1119,7 @@ if (cid) {
1122
1119
  }
1123
1120
  `;
1124
1121
 
1125
- // ../../node_modules/multiformats/esm/src/basics.js
1122
+ // ../../node_modules/.pnpm/multiformats@9.9.0/node_modules/multiformats/esm/src/basics.js
1126
1123
  var bases = {
1127
1124
  ...identity_exports,
1128
1125
  ...base2_exports,
@@ -1140,7 +1137,7 @@ var hashes = {
1140
1137
  ...identity_exports2
1141
1138
  };
1142
1139
 
1143
- // ../../node_modules/uint8arrays/esm/src/util/bases.js
1140
+ // ../../node_modules/.pnpm/uint8arrays@3.0.0/node_modules/uint8arrays/esm/src/util/bases.js
1144
1141
  function createCodec(name2, prefix, encode5, decode6) {
1145
1142
  return {
1146
1143
  name: name2,
@@ -1185,7 +1182,7 @@ var BASES = {
1185
1182
  };
1186
1183
  var bases_default = BASES;
1187
1184
 
1188
- // ../../node_modules/uint8arrays/esm/src/from-string.js
1185
+ // ../../node_modules/.pnpm/uint8arrays@3.0.0/node_modules/uint8arrays/esm/src/from-string.js
1189
1186
  function fromString2(string2, encoding = "utf8") {
1190
1187
  const base3 = bases_default[encoding];
1191
1188
  if (!base3) {
@@ -1194,7 +1191,7 @@ function fromString2(string2, encoding = "utf8") {
1194
1191
  return base3.decoder.decode(`${base3.prefix}${string2}`);
1195
1192
  }
1196
1193
 
1197
- // ../../node_modules/uint8arrays/esm/src/to-string.js
1194
+ // ../../node_modules/.pnpm/uint8arrays@3.0.0/node_modules/uint8arrays/esm/src/to-string.js
1198
1195
  function toString2(array, encoding = "utf8") {
1199
1196
  const base3 = bases_default[encoding];
1200
1197
  if (!base3) {
@@ -1203,7 +1200,7 @@ function toString2(array, encoding = "utf8") {
1203
1200
  return base3.encoder.encode(array).substring(1);
1204
1201
  }
1205
1202
 
1206
- // ../../node_modules/@noble/hashes/esm/_assert.js
1203
+ // ../../node_modules/.pnpm/@noble+hashes@1.3.1/node_modules/@noble/hashes/esm/_assert.js
1207
1204
  function number(n) {
1208
1205
  if (!Number.isSafeInteger(n) || n < 0)
1209
1206
  throw new Error(`Wrong positive integer: ${n}`);
@@ -1247,11 +1244,11 @@ var assert = {
1247
1244
  };
1248
1245
  var assert_default = assert;
1249
1246
 
1250
- // ../../node_modules/@noble/hashes/esm/cryptoNode.js
1247
+ // ../../node_modules/.pnpm/@noble+hashes@1.3.1/node_modules/@noble/hashes/esm/cryptoNode.js
1251
1248
  var nc = __toESM(require("node:crypto"), 1);
1252
1249
  var crypto2 = nc && typeof nc === "object" && "webcrypto" in nc ? nc.webcrypto : void 0;
1253
1250
 
1254
- // ../../node_modules/@noble/hashes/esm/utils.js
1251
+ // ../../node_modules/.pnpm/@noble+hashes@1.3.1/node_modules/@noble/hashes/esm/utils.js
1255
1252
  var u8a = (a) => a instanceof Uint8Array;
1256
1253
  var createView = (arr) => new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
1257
1254
  var rotr = (word, shift) => word << 32 - shift | word >>> shift;
@@ -1302,7 +1299,7 @@ function randomBytes(bytesLength = 32) {
1302
1299
  throw new Error("crypto.getRandomValues must be defined");
1303
1300
  }
1304
1301
 
1305
- // ../../node_modules/@noble/hashes/esm/hmac.js
1302
+ // ../../node_modules/.pnpm/@noble+hashes@1.3.1/node_modules/@noble/hashes/esm/hmac.js
1306
1303
  var HMAC = class extends Hash {
1307
1304
  constructor(hash2, _key) {
1308
1305
  super();
@@ -1367,7 +1364,7 @@ var HMAC = class extends Hash {
1367
1364
  var hmac = (hash2, key, message) => new HMAC(hash2, key).update(message).digest();
1368
1365
  hmac.create = (hash2, key) => new HMAC(hash2, key);
1369
1366
 
1370
- // ../../node_modules/@noble/curves/esm/abstract/utils.js
1367
+ // ../../node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/abstract/utils.js
1371
1368
  var utils_exports = {};
1372
1369
  __export(utils_exports, {
1373
1370
  bitGet: () => bitGet,
@@ -1581,7 +1578,7 @@ function validateObject(object, validators, optValidators = {}) {
1581
1578
  return object;
1582
1579
  }
1583
1580
 
1584
- // ../../node_modules/@noble/curves/esm/abstract/modular.js
1581
+ // ../../node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/abstract/modular.js
1585
1582
  var _0n2 = BigInt(0);
1586
1583
  var _1n2 = BigInt(1);
1587
1584
  var _2n2 = BigInt(2);
@@ -1833,7 +1830,7 @@ function hashToPrivateScalar(hash2, groupOrder, isLE2 = false) {
1833
1830
  return mod(num, groupOrder - _1n2) + _1n2;
1834
1831
  }
1835
1832
 
1836
- // ../../node_modules/@noble/curves/esm/abstract/curve.js
1833
+ // ../../node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/abstract/curve.js
1837
1834
  var _0n3 = BigInt(0);
1838
1835
  var _1n3 = BigInt(1);
1839
1836
  function wNAF(c, bits) {
@@ -1933,7 +1930,7 @@ function validateBasic(curve) {
1933
1930
  });
1934
1931
  }
1935
1932
 
1936
- // ../../node_modules/@noble/curves/esm/abstract/weierstrass.js
1933
+ // ../../node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/abstract/weierstrass.js
1937
1934
  function validatePointOpts(curve) {
1938
1935
  const opts = validateBasic(curve);
1939
1936
  validateObject(opts, {
@@ -2655,7 +2652,7 @@ function weierstrass(curveDef) {
2655
2652
  };
2656
2653
  }
2657
2654
 
2658
- // ../../node_modules/@noble/curves/esm/_shortw_utils.js
2655
+ // ../../node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/_shortw_utils.js
2659
2656
  function getHash(hash2) {
2660
2657
  return {
2661
2658
  hash: hash2,
@@ -2668,7 +2665,7 @@ function createCurve(curveDef, defHash) {
2668
2665
  return Object.freeze({ ...create2(defHash), create: create2 });
2669
2666
  }
2670
2667
 
2671
- // ../../node_modules/@noble/hashes/esm/_sha2.js
2668
+ // ../../node_modules/.pnpm/@noble+hashes@1.3.1/node_modules/@noble/hashes/esm/_sha2.js
2672
2669
  function setBigUint64(view, byteOffset, value, isLE2) {
2673
2670
  if (typeof view.setBigUint64 === "function")
2674
2671
  return view.setBigUint64(byteOffset, value, isLE2);
@@ -2768,7 +2765,7 @@ var SHA2 = class extends Hash {
2768
2765
  }
2769
2766
  };
2770
2767
 
2771
- // ../../node_modules/@noble/hashes/esm/sha256.js
2768
+ // ../../node_modules/.pnpm/@noble+hashes@1.3.1/node_modules/@noble/hashes/esm/sha256.js
2772
2769
  var Chi = (a, b, c) => a & b ^ ~a & c;
2773
2770
  var Maj = (a, b, c) => a & b ^ a & c ^ b & c;
2774
2771
  var SHA256_K = new Uint32Array([
@@ -2934,7 +2931,7 @@ var SHA224 = class extends SHA256 {
2934
2931
  var sha2562 = wrapConstructor(() => new SHA256());
2935
2932
  var sha224 = wrapConstructor(() => new SHA224());
2936
2933
 
2937
- // ../../node_modules/@noble/curves/esm/p256.js
2934
+ // ../../node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/p256.js
2938
2935
  var Fp = Field(BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff"));
2939
2936
  var CURVE_A = Fp.create(BigInt("-3"));
2940
2937
  var CURVE_B = BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b");
@@ -2962,7 +2959,7 @@ var decompressPubkey = (compressed) => {
2962
2959
  return point.toRawBytes(false);
2963
2960
  };
2964
2961
 
2965
- // ../../node_modules/@noble/curves/esm/secp256k1.js
2962
+ // ../../node_modules/.pnpm/@noble+curves@1.1.0/node_modules/@noble/curves/esm/secp256k1.js
2966
2963
  var secp256k1P = BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f");
2967
2964
  var secp256k1N = BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
2968
2965
  var _1n5 = BigInt(1);
@@ -3043,16 +3040,18 @@ var decompressPubkey2 = (compressed) => {
3043
3040
  };
3044
3041
 
3045
3042
  // src/p256/operations.ts
3046
- var verifyDidSig = async (did, data, sig) => {
3043
+ var verifyDidSig = async (did, data, sig, opts) => {
3047
3044
  const { jwtAlg, keyBytes } = parseDidKey(did);
3048
3045
  if (jwtAlg !== P256_JWT_ALG) {
3049
3046
  throw new Error(`Not a P-256 did:key: ${did}`);
3050
3047
  }
3051
- return verifySig(keyBytes, data, sig);
3048
+ return verifySig(keyBytes, data, sig, opts);
3052
3049
  };
3053
- var verifySig = async (publicKey, data, sig) => {
3050
+ var verifySig = async (publicKey, data, sig, opts) => {
3054
3051
  const msgHash = await sha2562(data);
3055
- return p256.verify(sig, msgHash, publicKey, { lowS: true });
3052
+ return p256.verify(sig, msgHash, publicKey, {
3053
+ lowS: opts?.lowS ?? true
3054
+ });
3056
3055
  };
3057
3056
 
3058
3057
  // src/p256/plugin.ts
@@ -3064,16 +3063,18 @@ var p256Plugin = {
3064
3063
  var plugin_default = p256Plugin;
3065
3064
 
3066
3065
  // src/secp256k1/operations.ts
3067
- var verifyDidSig2 = async (did, data, sig) => {
3066
+ var verifyDidSig2 = async (did, data, sig, opts) => {
3068
3067
  const { jwtAlg, keyBytes } = parseDidKey(did);
3069
3068
  if (jwtAlg !== SECP256K1_JWT_ALG) {
3070
3069
  throw new Error(`Not a secp256k1 did:key: ${did}`);
3071
3070
  }
3072
- return verifySig2(keyBytes, data, sig);
3071
+ return verifySig2(keyBytes, data, sig, opts);
3073
3072
  };
3074
- var verifySig2 = async (publicKey, data, sig) => {
3073
+ var verifySig2 = async (publicKey, data, sig, opts) => {
3075
3074
  const msgHash = await sha2562(data);
3076
- return secp256k1.verify(sig, msgHash, publicKey, { lowS: true });
3075
+ return secp256k1.verify(sig, msgHash, publicKey, {
3076
+ lowS: opts?.lowS ?? true
3077
+ });
3077
3078
  };
3078
3079
 
3079
3080
  // src/secp256k1/plugin.ts
@@ -3093,10 +3094,7 @@ var parseMultikey = (multikey) => {
3093
3094
  if (!multikey.startsWith(BASE58_MULTIBASE_PREFIX)) {
3094
3095
  throw new Error(`Incorrect prefix for multikey: ${multikey}`);
3095
3096
  }
3096
- const prefixedBytes = fromString2(
3097
- multikey.slice(BASE58_MULTIBASE_PREFIX.length),
3098
- "base58btc"
3099
- );
3097
+ const prefixedBytes = fromString2(multikey.slice(BASE58_MULTIBASE_PREFIX.length), "base58btc");
3100
3098
  const plugin = plugins_default.find((p) => hasPrefix(prefixedBytes, p.prefix));
3101
3099
  if (!plugin) {
3102
3100
  throw new Error("Unsupported key type");
@@ -3207,18 +3205,18 @@ var randomIntFromSeed = async (seed, high, low = 0) => {
3207
3205
  };
3208
3206
 
3209
3207
  // src/verify.ts
3210
- var verifySignature = (didKey, data, sig) => {
3208
+ var verifySignature = (didKey, data, sig, opts) => {
3211
3209
  const parsed = parseDidKey(didKey);
3212
3210
  const plugin = plugins_default.find((p) => p.jwtAlg === parsed.jwtAlg);
3213
3211
  if (!plugin) {
3214
- throw new Error(`Unsupported signature alg: :${parsed.jwtAlg}`);
3212
+ throw new Error(`Unsupported signature alg: ${parsed.jwtAlg}`);
3215
3213
  }
3216
- return plugin.verifySignature(didKey, data, sig);
3214
+ return plugin.verifySignature(didKey, data, sig, opts);
3217
3215
  };
3218
- var verifySignatureUtf8 = async (didKey, data, sig) => {
3216
+ var verifySignatureUtf8 = async (didKey, data, sig, opts) => {
3219
3217
  const dataBytes = fromString2(data, "utf8");
3220
3218
  const sigBytes = fromString2(sig, "base64url");
3221
- return verifySignature(didKey, dataBytes, sigBytes);
3219
+ return verifySignature(didKey, dataBytes, sigBytes, opts);
3222
3220
  };
3223
3221
 
3224
3222
  // src/p256/keypair.ts