@atproto/crypto 0.2.3 → 0.3.1-next.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/LICENSE.txt +1 -1
- package/dist/const.d.ts +1 -0
- package/dist/const.d.ts.map +1 -0
- package/dist/const.js +10 -0
- package/dist/const.js.map +1 -0
- package/dist/did.d.ts +2 -1
- package/dist/did.d.ts.map +1 -0
- package/dist/did.js +68 -0
- package/dist/did.js.map +1 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +27 -3327
- package/dist/index.js.map +1 -7
- package/dist/multibase.d.ts +1 -0
- package/dist/multibase.d.ts.map +1 -0
- package/dist/multibase.js +76 -0
- package/dist/multibase.js.map +1 -0
- package/dist/p256/encoding.d.ts +1 -0
- package/dist/p256/encoding.d.ts.map +1 -0
- package/dist/p256/encoding.js +18 -0
- package/dist/p256/encoding.js.map +1 -0
- package/dist/p256/keypair.d.ts +3 -2
- package/dist/p256/keypair.d.ts.map +1 -0
- package/dist/p256/keypair.js +94 -0
- package/dist/p256/keypair.js.map +1 -0
- package/dist/p256/operations.d.ts +2 -0
- package/dist/p256/operations.d.ts.map +1 -0
- package/dist/p256/operations.js +41 -0
- package/dist/p256/operations.js.map +1 -0
- package/dist/p256/plugin.d.ts +1 -0
- package/dist/p256/plugin.d.ts.map +1 -0
- package/dist/p256/plugin.js +15 -0
- package/dist/p256/plugin.js.map +1 -0
- package/dist/plugins.d.ts +1 -0
- package/dist/plugins.d.ts.map +1 -0
- package/dist/plugins.js +11 -0
- package/dist/plugins.js.map +1 -0
- package/dist/random.d.ts +1 -0
- package/dist/random.d.ts.map +1 -0
- package/dist/random.js +44 -0
- package/dist/random.js.map +1 -0
- package/dist/secp256k1/encoding.d.ts +1 -0
- package/dist/secp256k1/encoding.d.ts.map +1 -0
- package/dist/secp256k1/encoding.js +18 -0
- package/dist/secp256k1/encoding.js.map +1 -0
- package/dist/secp256k1/keypair.d.ts +3 -2
- package/dist/secp256k1/keypair.d.ts.map +1 -0
- package/dist/secp256k1/keypair.js +94 -0
- package/dist/secp256k1/keypair.js.map +1 -0
- package/dist/secp256k1/operations.d.ts +2 -0
- package/dist/secp256k1/operations.d.ts.map +1 -0
- package/dist/secp256k1/operations.js +64 -0
- package/dist/secp256k1/operations.js.map +1 -0
- package/dist/secp256k1/plugin.d.ts +1 -0
- package/dist/secp256k1/plugin.d.ts.map +1 -0
- package/dist/secp256k1/plugin.js +15 -0
- package/dist/secp256k1/plugin.js.map +1 -0
- package/dist/sha.d.ts +2 -0
- package/dist/sha.d.ts.map +1 -0
- package/dist/sha.js +40 -0
- package/dist/sha.js.map +1 -0
- package/dist/types.d.ts +9 -3
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +3 -0
- package/dist/types.js.map +1 -0
- package/dist/utils.d.ts +4 -0
- package/dist/utils.d.ts.map +1 -0
- package/dist/utils.js +47 -0
- package/dist/utils.js.map +1 -0
- package/dist/verify.d.ts +1 -0
- package/dist/verify.d.ts.map +1 -0
- package/dist/verify.js +48 -0
- package/dist/verify.js.map +1 -0
- package/jest.config.js +3 -3
- package/package.json +8 -6
- package/src/did.ts +13 -35
- package/src/p256/keypair.ts +8 -6
- package/src/p256/operations.ts +23 -5
- package/src/p256/plugin.ts +7 -2
- package/src/secp256k1/keypair.ts +9 -7
- package/src/secp256k1/operations.ts +23 -5
- package/src/secp256k1/plugin.ts +7 -2
- package/src/sha.ts +7 -0
- package/src/types.ts +8 -1
- package/src/utils.ts +23 -0
- package/tests/signatures.test.ts +94 -3
- package/tsconfig.build.json +6 -2
- package/tsconfig.json +5 -7
- package/tsconfig.tests.json +7 -0
- package/build.js +0 -14
package/src/did.ts
CHANGED
|
@@ -1,13 +1,8 @@
|
|
|
1
1
|
import * as uint8arrays from 'uint8arrays'
|
|
2
|
-
|
|
3
|
-
import
|
|
2
|
+
|
|
3
|
+
import { BASE58_MULTIBASE_PREFIX, DID_KEY_PREFIX } from './const'
|
|
4
4
|
import plugins from './plugins'
|
|
5
|
-
import {
|
|
6
|
-
BASE58_MULTIBASE_PREFIX,
|
|
7
|
-
DID_KEY_PREFIX,
|
|
8
|
-
P256_JWT_ALG,
|
|
9
|
-
SECP256K1_JWT_ALG,
|
|
10
|
-
} from './const'
|
|
5
|
+
import { extractMultikey, extractPrefixedBytes, hasPrefix } from './utils'
|
|
11
6
|
|
|
12
7
|
export type ParsedMultikey = {
|
|
13
8
|
jwtAlg: string
|
|
@@ -15,23 +10,14 @@ export type ParsedMultikey = {
|
|
|
15
10
|
}
|
|
16
11
|
|
|
17
12
|
export const parseMultikey = (multikey: string): ParsedMultikey => {
|
|
18
|
-
|
|
19
|
-
throw new Error(`Incorrect prefix for multikey: ${multikey}`)
|
|
20
|
-
}
|
|
21
|
-
const prefixedBytes = uint8arrays.fromString(
|
|
22
|
-
multikey.slice(BASE58_MULTIBASE_PREFIX.length),
|
|
23
|
-
'base58btc',
|
|
24
|
-
)
|
|
13
|
+
const prefixedBytes = extractPrefixedBytes(multikey)
|
|
25
14
|
const plugin = plugins.find((p) => hasPrefix(prefixedBytes, p.prefix))
|
|
26
15
|
if (!plugin) {
|
|
27
16
|
throw new Error('Unsupported key type')
|
|
28
17
|
}
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
} else if (plugin.jwtAlg === SECP256K1_JWT_ALG) {
|
|
33
|
-
keyBytes = secp.decompressPubkey(keyBytes)
|
|
34
|
-
}
|
|
18
|
+
const keyBytes = plugin.decompressPubkey(
|
|
19
|
+
prefixedBytes.slice(plugin.prefix.length),
|
|
20
|
+
)
|
|
35
21
|
return {
|
|
36
22
|
jwtAlg: plugin.jwtAlg,
|
|
37
23
|
keyBytes,
|
|
@@ -46,28 +32,20 @@ export const formatMultikey = (
|
|
|
46
32
|
if (!plugin) {
|
|
47
33
|
throw new Error('Unsupported key type')
|
|
48
34
|
}
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
}
|
|
54
|
-
const prefixedBytes = uint8arrays.concat([plugin.prefix, keyBytes])
|
|
35
|
+
const prefixedBytes = uint8arrays.concat([
|
|
36
|
+
plugin.prefix,
|
|
37
|
+
plugin.compressPubkey(keyBytes),
|
|
38
|
+
])
|
|
55
39
|
return (
|
|
56
40
|
BASE58_MULTIBASE_PREFIX + uint8arrays.toString(prefixedBytes, 'base58btc')
|
|
57
41
|
)
|
|
58
42
|
}
|
|
59
43
|
|
|
60
44
|
export const parseDidKey = (did: string): ParsedMultikey => {
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
}
|
|
64
|
-
return parseMultikey(did.slice(DID_KEY_PREFIX.length))
|
|
45
|
+
const multikey = extractMultikey(did)
|
|
46
|
+
return parseMultikey(multikey)
|
|
65
47
|
}
|
|
66
48
|
|
|
67
49
|
export const formatDidKey = (jwtAlg: string, keyBytes: Uint8Array): string => {
|
|
68
50
|
return DID_KEY_PREFIX + formatMultikey(jwtAlg, keyBytes)
|
|
69
51
|
}
|
|
70
|
-
|
|
71
|
-
const hasPrefix = (bytes: Uint8Array, prefix: Uint8Array): boolean => {
|
|
72
|
-
return uint8arrays.equals(prefix, bytes.subarray(0, prefix.byteLength))
|
|
73
|
-
}
|
package/src/p256/keypair.ts
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
import { p256 } from '@noble/curves/p256'
|
|
2
2
|
import { sha256 } from '@noble/hashes/sha256'
|
|
3
|
-
import
|
|
4
|
-
import {
|
|
3
|
+
import { SupportedEncodings } from 'uint8arrays/to-string'
|
|
4
|
+
import {
|
|
5
|
+
fromString as ui8FromString,
|
|
6
|
+
toString as ui8ToString,
|
|
7
|
+
} from 'uint8arrays'
|
|
8
|
+
|
|
5
9
|
import * as did from '../did'
|
|
6
10
|
import { P256_JWT_ALG } from '../const'
|
|
7
11
|
import { Keypair } from '../types'
|
|
@@ -32,9 +36,7 @@ export class P256Keypair implements Keypair {
|
|
|
32
36
|
): Promise<P256Keypair> {
|
|
33
37
|
const { exportable = false } = opts || {}
|
|
34
38
|
const privKeyBytes =
|
|
35
|
-
typeof privKey === 'string'
|
|
36
|
-
? uint8arrays.fromString(privKey, 'hex')
|
|
37
|
-
: privKey
|
|
39
|
+
typeof privKey === 'string' ? ui8FromString(privKey, 'hex') : privKey
|
|
38
40
|
return new P256Keypair(privKeyBytes, exportable)
|
|
39
41
|
}
|
|
40
42
|
|
|
@@ -43,7 +45,7 @@ export class P256Keypair implements Keypair {
|
|
|
43
45
|
}
|
|
44
46
|
|
|
45
47
|
publicKeyStr(encoding: SupportedEncodings = 'base64pad'): string {
|
|
46
|
-
return
|
|
48
|
+
return ui8ToString(this.publicKey, encoding)
|
|
47
49
|
}
|
|
48
50
|
|
|
49
51
|
did(): string {
|
package/src/p256/operations.ts
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
import { p256 } from '@noble/curves/p256'
|
|
2
2
|
import { sha256 } from '@noble/hashes/sha256'
|
|
3
|
-
import {
|
|
4
|
-
|
|
3
|
+
import { equals as ui8equals } from 'uint8arrays'
|
|
4
|
+
|
|
5
|
+
import { P256_DID_PREFIX } from '../const'
|
|
5
6
|
import { VerifyOptions } from '../types'
|
|
7
|
+
import { extractMultikey, extractPrefixedBytes, hasPrefix } from '../utils'
|
|
6
8
|
|
|
7
9
|
export const verifyDidSig = async (
|
|
8
10
|
did: string,
|
|
@@ -10,10 +12,11 @@ export const verifyDidSig = async (
|
|
|
10
12
|
sig: Uint8Array,
|
|
11
13
|
opts?: VerifyOptions,
|
|
12
14
|
): Promise<boolean> => {
|
|
13
|
-
const
|
|
14
|
-
if (
|
|
15
|
+
const prefixedBytes = extractPrefixedBytes(extractMultikey(did))
|
|
16
|
+
if (!hasPrefix(prefixedBytes, P256_DID_PREFIX)) {
|
|
15
17
|
throw new Error(`Not a P-256 did:key: ${did}`)
|
|
16
18
|
}
|
|
19
|
+
const keyBytes = prefixedBytes.slice(P256_DID_PREFIX.length)
|
|
17
20
|
return verifySig(keyBytes, data, sig, opts)
|
|
18
21
|
}
|
|
19
22
|
|
|
@@ -23,8 +26,23 @@ export const verifySig = async (
|
|
|
23
26
|
sig: Uint8Array,
|
|
24
27
|
opts?: VerifyOptions,
|
|
25
28
|
): Promise<boolean> => {
|
|
29
|
+
const allowMalleable = opts?.allowMalleableSig ?? false
|
|
26
30
|
const msgHash = await sha256(data)
|
|
31
|
+
// parse as compact sig to prevent signature malleability
|
|
32
|
+
// library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
|
|
33
|
+
if (!allowMalleable && !isCompactFormat(sig)) {
|
|
34
|
+
return false
|
|
35
|
+
}
|
|
27
36
|
return p256.verify(sig, msgHash, publicKey, {
|
|
28
|
-
lowS:
|
|
37
|
+
lowS: !allowMalleable,
|
|
29
38
|
})
|
|
30
39
|
}
|
|
40
|
+
|
|
41
|
+
export const isCompactFormat = (sig: Uint8Array) => {
|
|
42
|
+
try {
|
|
43
|
+
const parsed = p256.Signature.fromCompact(sig)
|
|
44
|
+
return ui8equals(parsed.toCompactRawBytes(), sig)
|
|
45
|
+
} catch {
|
|
46
|
+
return false
|
|
47
|
+
}
|
|
48
|
+
}
|
package/src/p256/plugin.ts
CHANGED
|
@@ -1,11 +1,16 @@
|
|
|
1
|
-
import
|
|
1
|
+
import { verifyDidSig } from './operations'
|
|
2
|
+
import { compressPubkey, decompressPubkey } from './encoding'
|
|
3
|
+
|
|
2
4
|
import { DidKeyPlugin } from '../types'
|
|
3
5
|
import { P256_DID_PREFIX, P256_JWT_ALG } from '../const'
|
|
4
6
|
|
|
5
7
|
export const p256Plugin: DidKeyPlugin = {
|
|
6
8
|
prefix: P256_DID_PREFIX,
|
|
7
9
|
jwtAlg: P256_JWT_ALG,
|
|
8
|
-
verifySignature:
|
|
10
|
+
verifySignature: verifyDidSig,
|
|
11
|
+
|
|
12
|
+
compressPubkey,
|
|
13
|
+
decompressPubkey,
|
|
9
14
|
}
|
|
10
15
|
|
|
11
16
|
export default p256Plugin
|
package/src/secp256k1/keypair.ts
CHANGED
|
@@ -1,9 +1,13 @@
|
|
|
1
1
|
import { secp256k1 as k256 } from '@noble/curves/secp256k1'
|
|
2
2
|
import { sha256 } from '@noble/hashes/sha256'
|
|
3
|
-
import
|
|
4
|
-
|
|
5
|
-
|
|
3
|
+
import {
|
|
4
|
+
fromString as ui8FromString,
|
|
5
|
+
toString as ui8ToString,
|
|
6
|
+
} from 'uint8arrays'
|
|
7
|
+
import { SupportedEncodings } from 'uint8arrays/to-string'
|
|
8
|
+
|
|
6
9
|
import { SECP256K1_JWT_ALG } from '../const'
|
|
10
|
+
import * as did from '../did'
|
|
7
11
|
import { Keypair } from '../types'
|
|
8
12
|
|
|
9
13
|
export type Secp256k1KeypairOptions = {
|
|
@@ -32,9 +36,7 @@ export class Secp256k1Keypair implements Keypair {
|
|
|
32
36
|
): Promise<Secp256k1Keypair> {
|
|
33
37
|
const { exportable = false } = opts || {}
|
|
34
38
|
const privKeyBytes =
|
|
35
|
-
typeof privKey === 'string'
|
|
36
|
-
? uint8arrays.fromString(privKey, 'hex')
|
|
37
|
-
: privKey
|
|
39
|
+
typeof privKey === 'string' ? ui8FromString(privKey, 'hex') : privKey
|
|
38
40
|
return new Secp256k1Keypair(privKeyBytes, exportable)
|
|
39
41
|
}
|
|
40
42
|
|
|
@@ -43,7 +45,7 @@ export class Secp256k1Keypair implements Keypair {
|
|
|
43
45
|
}
|
|
44
46
|
|
|
45
47
|
publicKeyStr(encoding: SupportedEncodings = 'base64pad'): string {
|
|
46
|
-
return
|
|
48
|
+
return ui8ToString(this.publicKey, encoding)
|
|
47
49
|
}
|
|
48
50
|
|
|
49
51
|
did(): string {
|
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
import { secp256k1 as k256 } from '@noble/curves/secp256k1'
|
|
2
2
|
import { sha256 } from '@noble/hashes/sha256'
|
|
3
|
-
import
|
|
4
|
-
|
|
3
|
+
import * as ui8 from 'uint8arrays'
|
|
4
|
+
|
|
5
|
+
import { SECP256K1_DID_PREFIX } from '../const'
|
|
5
6
|
import { VerifyOptions } from '../types'
|
|
7
|
+
import { extractMultikey, extractPrefixedBytes, hasPrefix } from '../utils'
|
|
6
8
|
|
|
7
9
|
export const verifyDidSig = async (
|
|
8
10
|
did: string,
|
|
@@ -10,10 +12,11 @@ export const verifyDidSig = async (
|
|
|
10
12
|
sig: Uint8Array,
|
|
11
13
|
opts?: VerifyOptions,
|
|
12
14
|
): Promise<boolean> => {
|
|
13
|
-
const
|
|
14
|
-
if (
|
|
15
|
+
const prefixedBytes = extractPrefixedBytes(extractMultikey(did))
|
|
16
|
+
if (!hasPrefix(prefixedBytes, SECP256K1_DID_PREFIX)) {
|
|
15
17
|
throw new Error(`Not a secp256k1 did:key: ${did}`)
|
|
16
18
|
}
|
|
19
|
+
const keyBytes = prefixedBytes.slice(SECP256K1_DID_PREFIX.length)
|
|
17
20
|
return verifySig(keyBytes, data, sig, opts)
|
|
18
21
|
}
|
|
19
22
|
|
|
@@ -23,8 +26,23 @@ export const verifySig = async (
|
|
|
23
26
|
sig: Uint8Array,
|
|
24
27
|
opts?: VerifyOptions,
|
|
25
28
|
): Promise<boolean> => {
|
|
29
|
+
const allowMalleable = opts?.allowMalleableSig ?? false
|
|
26
30
|
const msgHash = await sha256(data)
|
|
31
|
+
// parse as compact sig to prevent signature malleability
|
|
32
|
+
// library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
|
|
33
|
+
if (!allowMalleable && !isCompactFormat(sig)) {
|
|
34
|
+
return false
|
|
35
|
+
}
|
|
27
36
|
return k256.verify(sig, msgHash, publicKey, {
|
|
28
|
-
lowS:
|
|
37
|
+
lowS: !allowMalleable,
|
|
29
38
|
})
|
|
30
39
|
}
|
|
40
|
+
|
|
41
|
+
export const isCompactFormat = (sig: Uint8Array) => {
|
|
42
|
+
try {
|
|
43
|
+
const parsed = k256.Signature.fromCompact(sig)
|
|
44
|
+
return ui8.equals(parsed.toCompactRawBytes(), sig)
|
|
45
|
+
} catch {
|
|
46
|
+
return false
|
|
47
|
+
}
|
|
48
|
+
}
|
package/src/secp256k1/plugin.ts
CHANGED
|
@@ -1,11 +1,16 @@
|
|
|
1
|
-
import
|
|
1
|
+
import { verifyDidSig } from './operations'
|
|
2
|
+
import { compressPubkey, decompressPubkey } from './encoding'
|
|
3
|
+
|
|
2
4
|
import { DidKeyPlugin } from '../types'
|
|
3
5
|
import { SECP256K1_DID_PREFIX, SECP256K1_JWT_ALG } from '../const'
|
|
4
6
|
|
|
5
7
|
export const secp256k1Plugin: DidKeyPlugin = {
|
|
6
8
|
prefix: SECP256K1_DID_PREFIX,
|
|
7
9
|
jwtAlg: SECP256K1_JWT_ALG,
|
|
8
|
-
verifySignature:
|
|
10
|
+
verifySignature: verifyDidSig,
|
|
11
|
+
|
|
12
|
+
compressPubkey,
|
|
13
|
+
decompressPubkey,
|
|
9
14
|
}
|
|
10
15
|
|
|
11
16
|
export default secp256k1Plugin
|
package/src/sha.ts
CHANGED
|
@@ -9,3 +9,10 @@ export const sha256 = async (
|
|
|
9
9
|
typeof input === 'string' ? uint8arrays.fromString(input, 'utf8') : input
|
|
10
10
|
return noble.sha256(bytes)
|
|
11
11
|
}
|
|
12
|
+
|
|
13
|
+
export const sha256Hex = async (
|
|
14
|
+
input: Uint8Array | string,
|
|
15
|
+
): Promise<string> => {
|
|
16
|
+
const hash = await sha256(input)
|
|
17
|
+
return uint8arrays.toString(hash, 'hex')
|
|
18
|
+
}
|
package/src/types.ts
CHANGED
|
@@ -9,6 +9,10 @@ export interface Didable {
|
|
|
9
9
|
|
|
10
10
|
export interface Keypair extends Signer, Didable {}
|
|
11
11
|
|
|
12
|
+
export interface ExportableKeypair extends Keypair {
|
|
13
|
+
export(): Promise<Uint8Array>
|
|
14
|
+
}
|
|
15
|
+
|
|
12
16
|
export type DidKeyPlugin = {
|
|
13
17
|
prefix: Uint8Array
|
|
14
18
|
jwtAlg: string
|
|
@@ -18,8 +22,11 @@ export type DidKeyPlugin = {
|
|
|
18
22
|
data: Uint8Array,
|
|
19
23
|
opts?: VerifyOptions,
|
|
20
24
|
) => Promise<boolean>
|
|
25
|
+
|
|
26
|
+
compressPubkey: (uncompressed: Uint8Array) => Uint8Array
|
|
27
|
+
decompressPubkey: (compressed: Uint8Array) => Uint8Array
|
|
21
28
|
}
|
|
22
29
|
|
|
23
30
|
export type VerifyOptions = {
|
|
24
|
-
|
|
31
|
+
allowMalleableSig?: boolean
|
|
25
32
|
}
|
package/src/utils.ts
ADDED
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import * as uint8arrays from 'uint8arrays'
|
|
2
|
+
import { BASE58_MULTIBASE_PREFIX, DID_KEY_PREFIX } from './const'
|
|
3
|
+
|
|
4
|
+
export const extractMultikey = (did: string): string => {
|
|
5
|
+
if (!did.startsWith(DID_KEY_PREFIX)) {
|
|
6
|
+
throw new Error(`Incorrect prefix for did:key: ${did}`)
|
|
7
|
+
}
|
|
8
|
+
return did.slice(DID_KEY_PREFIX.length)
|
|
9
|
+
}
|
|
10
|
+
|
|
11
|
+
export const extractPrefixedBytes = (multikey: string): Uint8Array => {
|
|
12
|
+
if (!multikey.startsWith(BASE58_MULTIBASE_PREFIX)) {
|
|
13
|
+
throw new Error(`Incorrect prefix for multikey: ${multikey}`)
|
|
14
|
+
}
|
|
15
|
+
return uint8arrays.fromString(
|
|
16
|
+
multikey.slice(BASE58_MULTIBASE_PREFIX.length),
|
|
17
|
+
'base58btc',
|
|
18
|
+
)
|
|
19
|
+
}
|
|
20
|
+
|
|
21
|
+
export const hasPrefix = (bytes: Uint8Array, prefix: Uint8Array): boolean => {
|
|
22
|
+
return uint8arrays.equals(prefix, bytes.subarray(0, prefix.byteLength))
|
|
23
|
+
}
|
package/tests/signatures.test.ts
CHANGED
|
@@ -2,11 +2,11 @@ import fs from 'node:fs'
|
|
|
2
2
|
import * as uint8arrays from 'uint8arrays'
|
|
3
3
|
import { secp256k1 as nobleK256 } from '@noble/curves/secp256k1'
|
|
4
4
|
import { p256 as nobleP256 } from '@noble/curves/p256'
|
|
5
|
+
import { cborEncode } from '@atproto/common'
|
|
5
6
|
import EcdsaKeypair from '../src/p256/keypair'
|
|
6
7
|
import Secp256k1Keypair from '../src/secp256k1/keypair'
|
|
7
8
|
import * as p256 from '../src/p256/operations'
|
|
8
9
|
import * as secp from '../src/secp256k1/operations'
|
|
9
|
-
import { cborEncode } from '@atproto/common'
|
|
10
10
|
import {
|
|
11
11
|
bytesToMultibase,
|
|
12
12
|
multibaseToBytes,
|
|
@@ -78,7 +78,46 @@ describe('signatures', () => {
|
|
|
78
78
|
keyBytes,
|
|
79
79
|
messageBytes,
|
|
80
80
|
signatureBytes,
|
|
81
|
-
{
|
|
81
|
+
{ allowMalleableSig: true },
|
|
82
|
+
)
|
|
83
|
+
expect(verified).toEqual(true)
|
|
84
|
+
expect(vector.validSignature).toEqual(false) // otherwise would fail per low-s requirement
|
|
85
|
+
} else if (vector.algorithm === SECP256K1_JWT_ALG) {
|
|
86
|
+
const verified = await secp.verifySig(
|
|
87
|
+
keyBytes,
|
|
88
|
+
messageBytes,
|
|
89
|
+
signatureBytes,
|
|
90
|
+
{ allowMalleableSig: true },
|
|
91
|
+
)
|
|
92
|
+
expect(verified).toEqual(true)
|
|
93
|
+
expect(vector.validSignature).toEqual(false) // otherwise would fail per low-s requirement
|
|
94
|
+
} else {
|
|
95
|
+
throw new Error('Unsupported test vector')
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
})
|
|
99
|
+
|
|
100
|
+
it('verifies der-encoded signatures with explicit option', async () => {
|
|
101
|
+
const DERVectors = vectors.filter((vec) => vec.tags.includes('der-encoded'))
|
|
102
|
+
expect(DERVectors.length).toBeGreaterThanOrEqual(2)
|
|
103
|
+
for (const vector of DERVectors) {
|
|
104
|
+
const messageBytes = uint8arrays.fromString(
|
|
105
|
+
vector.messageBase64,
|
|
106
|
+
'base64',
|
|
107
|
+
)
|
|
108
|
+
const signatureBytes = uint8arrays.fromString(
|
|
109
|
+
vector.signatureBase64,
|
|
110
|
+
'base64',
|
|
111
|
+
)
|
|
112
|
+
const keyBytes = multibaseToBytes(vector.publicKeyMultibase)
|
|
113
|
+
const didKey = parseDidKey(vector.publicKeyDid)
|
|
114
|
+
expect(uint8arrays.equals(keyBytes, didKey.keyBytes))
|
|
115
|
+
if (vector.algorithm === P256_JWT_ALG) {
|
|
116
|
+
const verified = await p256.verifySig(
|
|
117
|
+
keyBytes,
|
|
118
|
+
messageBytes,
|
|
119
|
+
signatureBytes,
|
|
120
|
+
{ allowMalleableSig: true },
|
|
82
121
|
)
|
|
83
122
|
expect(verified).toEqual(true)
|
|
84
123
|
expect(vector.validSignature).toEqual(false) // otherwise would fail per low-s requirement
|
|
@@ -87,7 +126,7 @@ describe('signatures', () => {
|
|
|
87
126
|
keyBytes,
|
|
88
127
|
messageBytes,
|
|
89
128
|
signatureBytes,
|
|
90
|
-
{
|
|
129
|
+
{ allowMalleableSig: true },
|
|
91
130
|
)
|
|
92
131
|
expect(verified).toEqual(true)
|
|
93
132
|
expect(vector.validSignature).toEqual(false) // otherwise would fail per low-s requirement
|
|
@@ -98,6 +137,7 @@ describe('signatures', () => {
|
|
|
98
137
|
})
|
|
99
138
|
})
|
|
100
139
|
|
|
140
|
+
// @ts-expect-error
|
|
101
141
|
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
102
142
|
async function generateTestVectors(): Promise<TestVector[]> {
|
|
103
143
|
const p256Key = await EcdsaKeypair.create({ exportable: true })
|
|
@@ -168,6 +208,39 @@ async function generateTestVectors(): Promise<TestVector[]> {
|
|
|
168
208
|
validSignature: false,
|
|
169
209
|
tags: ['high-s'],
|
|
170
210
|
},
|
|
211
|
+
// these vectors test to ensure we don't allow der-encoded signatures
|
|
212
|
+
{
|
|
213
|
+
messageBase64,
|
|
214
|
+
algorithm: P256_JWT_ALG, // "ES256" / ecdsa p-256
|
|
215
|
+
publicKeyDid: p256Key.did(),
|
|
216
|
+
publicKeyMultibase: bytesToMultibase(
|
|
217
|
+
p256Key.publicKeyBytes(),
|
|
218
|
+
'base58btc',
|
|
219
|
+
),
|
|
220
|
+
signatureBase64: await makeDerEncodedSig(
|
|
221
|
+
messageBytes,
|
|
222
|
+
await p256Key.export(),
|
|
223
|
+
P256_JWT_ALG,
|
|
224
|
+
),
|
|
225
|
+
validSignature: false,
|
|
226
|
+
tags: ['der-encoded'],
|
|
227
|
+
},
|
|
228
|
+
{
|
|
229
|
+
messageBase64,
|
|
230
|
+
algorithm: SECP256K1_JWT_ALG, // "ES256K" / secp256k
|
|
231
|
+
publicKeyDid: secpKey.did(),
|
|
232
|
+
publicKeyMultibase: bytesToMultibase(
|
|
233
|
+
secpKey.publicKeyBytes(),
|
|
234
|
+
'base58btc',
|
|
235
|
+
),
|
|
236
|
+
signatureBase64: await makeDerEncodedSig(
|
|
237
|
+
messageBytes,
|
|
238
|
+
await secpKey.export(),
|
|
239
|
+
SECP256K1_JWT_ALG,
|
|
240
|
+
),
|
|
241
|
+
validSignature: false,
|
|
242
|
+
tags: ['der-encoded'],
|
|
243
|
+
},
|
|
171
244
|
]
|
|
172
245
|
}
|
|
173
246
|
|
|
@@ -195,6 +268,24 @@ async function makeHighSSig(
|
|
|
195
268
|
return sig
|
|
196
269
|
}
|
|
197
270
|
|
|
271
|
+
async function makeDerEncodedSig(
|
|
272
|
+
msgBytes: Uint8Array,
|
|
273
|
+
keyBytes: Uint8Array,
|
|
274
|
+
alg: string,
|
|
275
|
+
): Promise<string> {
|
|
276
|
+
const hash = await sha256(msgBytes)
|
|
277
|
+
|
|
278
|
+
let sig: string
|
|
279
|
+
if (alg === SECP256K1_JWT_ALG) {
|
|
280
|
+
const attempt = await nobleK256.sign(hash, keyBytes, { lowS: true })
|
|
281
|
+
sig = uint8arrays.toString(attempt.toDERRawBytes(), 'base64')
|
|
282
|
+
} else {
|
|
283
|
+
const attempt = await nobleP256.sign(hash, keyBytes, { lowS: true })
|
|
284
|
+
sig = uint8arrays.toString(attempt.toDERRawBytes(), 'base64')
|
|
285
|
+
}
|
|
286
|
+
return sig
|
|
287
|
+
}
|
|
288
|
+
|
|
198
289
|
type TestVector = {
|
|
199
290
|
algorithm: string
|
|
200
291
|
publicKeyDid: string
|
package/tsconfig.build.json
CHANGED
package/tsconfig.json
CHANGED
|
@@ -1,9 +1,7 @@
|
|
|
1
1
|
{
|
|
2
|
-
"
|
|
3
|
-
"
|
|
4
|
-
"
|
|
5
|
-
"
|
|
6
|
-
|
|
7
|
-
},
|
|
8
|
-
"include": ["./src", "__tests__/**/**.ts"]
|
|
2
|
+
"include": [],
|
|
3
|
+
"references": [
|
|
4
|
+
{ "path": "./tsconfig.build.json" },
|
|
5
|
+
{ "path": "./tsconfig.tests.json" }
|
|
6
|
+
]
|
|
9
7
|
}
|
package/build.js
DELETED
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
const { nodeExternalsPlugin } = require('esbuild-node-externals')
|
|
2
|
-
|
|
3
|
-
const buildShallow =
|
|
4
|
-
process.argv.includes('--shallow') || process.env.ATP_BUILD_SHALLOW === 'true'
|
|
5
|
-
|
|
6
|
-
require('esbuild').build({
|
|
7
|
-
logLevel: 'info',
|
|
8
|
-
entryPoints: ['src/index.ts'],
|
|
9
|
-
bundle: true,
|
|
10
|
-
sourcemap: true,
|
|
11
|
-
outdir: 'dist',
|
|
12
|
-
platform: 'node',
|
|
13
|
-
plugins: buildShallow ? [nodeExternalsPlugin()] : [],
|
|
14
|
-
})
|