@atproto/crypto 0.3.0 → 0.3.1-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (91) hide show
  1. package/CHANGELOG.md +6 -0
  2. package/LICENSE.txt +1 -1
  3. package/dist/const.d.ts +1 -0
  4. package/dist/const.d.ts.map +1 -0
  5. package/dist/const.js +10 -0
  6. package/dist/const.js.map +1 -0
  7. package/dist/did.d.ts +2 -1
  8. package/dist/did.d.ts.map +1 -0
  9. package/dist/did.js +68 -0
  10. package/dist/did.js.map +1 -0
  11. package/dist/index.d.ts +1 -0
  12. package/dist/index.d.ts.map +1 -0
  13. package/dist/index.js +27 -3351
  14. package/dist/index.js.map +1 -7
  15. package/dist/multibase.d.ts +1 -0
  16. package/dist/multibase.d.ts.map +1 -0
  17. package/dist/multibase.js +76 -0
  18. package/dist/multibase.js.map +1 -0
  19. package/dist/p256/encoding.d.ts +1 -0
  20. package/dist/p256/encoding.d.ts.map +1 -0
  21. package/dist/p256/encoding.js +18 -0
  22. package/dist/p256/encoding.js.map +1 -0
  23. package/dist/p256/keypair.d.ts +3 -2
  24. package/dist/p256/keypair.d.ts.map +1 -0
  25. package/dist/p256/keypair.js +94 -0
  26. package/dist/p256/keypair.js.map +1 -0
  27. package/dist/p256/operations.d.ts +1 -0
  28. package/dist/p256/operations.d.ts.map +1 -0
  29. package/dist/p256/operations.js +41 -0
  30. package/dist/p256/operations.js.map +1 -0
  31. package/dist/p256/plugin.d.ts +1 -0
  32. package/dist/p256/plugin.d.ts.map +1 -0
  33. package/dist/p256/plugin.js +15 -0
  34. package/dist/p256/plugin.js.map +1 -0
  35. package/dist/plugins.d.ts +1 -0
  36. package/dist/plugins.d.ts.map +1 -0
  37. package/dist/plugins.js +11 -0
  38. package/dist/plugins.js.map +1 -0
  39. package/dist/random.d.ts +1 -0
  40. package/dist/random.d.ts.map +1 -0
  41. package/dist/random.js +44 -0
  42. package/dist/random.js.map +1 -0
  43. package/dist/secp256k1/encoding.d.ts +1 -0
  44. package/dist/secp256k1/encoding.d.ts.map +1 -0
  45. package/dist/secp256k1/encoding.js +18 -0
  46. package/dist/secp256k1/encoding.js.map +1 -0
  47. package/dist/secp256k1/keypair.d.ts +3 -2
  48. package/dist/secp256k1/keypair.d.ts.map +1 -0
  49. package/dist/secp256k1/keypair.js +94 -0
  50. package/dist/secp256k1/keypair.js.map +1 -0
  51. package/dist/secp256k1/operations.d.ts +1 -0
  52. package/dist/secp256k1/operations.d.ts.map +1 -0
  53. package/dist/secp256k1/operations.js +64 -0
  54. package/dist/secp256k1/operations.js.map +1 -0
  55. package/dist/secp256k1/plugin.d.ts +1 -0
  56. package/dist/secp256k1/plugin.d.ts.map +1 -0
  57. package/dist/secp256k1/plugin.js +15 -0
  58. package/dist/secp256k1/plugin.js.map +1 -0
  59. package/dist/sha.d.ts +2 -0
  60. package/dist/sha.d.ts.map +1 -0
  61. package/dist/sha.js +40 -0
  62. package/dist/sha.js.map +1 -0
  63. package/dist/types.d.ts +8 -2
  64. package/dist/types.d.ts.map +1 -0
  65. package/dist/types.js +3 -0
  66. package/dist/types.js.map +1 -0
  67. package/dist/utils.d.ts +4 -0
  68. package/dist/utils.d.ts.map +1 -0
  69. package/dist/utils.js +47 -0
  70. package/dist/utils.js.map +1 -0
  71. package/dist/verify.d.ts +1 -0
  72. package/dist/verify.d.ts.map +1 -0
  73. package/dist/verify.js +48 -0
  74. package/dist/verify.js.map +1 -0
  75. package/jest.config.js +3 -3
  76. package/package.json +8 -6
  77. package/src/did.ts +13 -35
  78. package/src/p256/keypair.ts +8 -6
  79. package/src/p256/operations.ts +8 -6
  80. package/src/p256/plugin.ts +7 -2
  81. package/src/secp256k1/keypair.ts +9 -7
  82. package/src/secp256k1/operations.ts +6 -4
  83. package/src/secp256k1/plugin.ts +7 -2
  84. package/src/sha.ts +7 -0
  85. package/src/types.ts +7 -0
  86. package/src/utils.ts +23 -0
  87. package/tests/signatures.test.ts +2 -1
  88. package/tsconfig.build.json +6 -2
  89. package/tsconfig.json +5 -7
  90. package/tsconfig.tests.json +7 -0
  91. package/build.js +0 -14
package/src/did.ts CHANGED
@@ -1,13 +1,8 @@
1
1
  import * as uint8arrays from 'uint8arrays'
2
- import * as p256 from './p256/encoding'
3
- import * as secp from './secp256k1/encoding'
2
+
3
+ import { BASE58_MULTIBASE_PREFIX, DID_KEY_PREFIX } from './const'
4
4
  import plugins from './plugins'
5
- import {
6
- BASE58_MULTIBASE_PREFIX,
7
- DID_KEY_PREFIX,
8
- P256_JWT_ALG,
9
- SECP256K1_JWT_ALG,
10
- } from './const'
5
+ import { extractMultikey, extractPrefixedBytes, hasPrefix } from './utils'
11
6
 
12
7
  export type ParsedMultikey = {
13
8
  jwtAlg: string
@@ -15,23 +10,14 @@ export type ParsedMultikey = {
15
10
  }
16
11
 
17
12
  export const parseMultikey = (multikey: string): ParsedMultikey => {
18
- if (!multikey.startsWith(BASE58_MULTIBASE_PREFIX)) {
19
- throw new Error(`Incorrect prefix for multikey: ${multikey}`)
20
- }
21
- const prefixedBytes = uint8arrays.fromString(
22
- multikey.slice(BASE58_MULTIBASE_PREFIX.length),
23
- 'base58btc',
24
- )
13
+ const prefixedBytes = extractPrefixedBytes(multikey)
25
14
  const plugin = plugins.find((p) => hasPrefix(prefixedBytes, p.prefix))
26
15
  if (!plugin) {
27
16
  throw new Error('Unsupported key type')
28
17
  }
29
- let keyBytes = prefixedBytes.slice(plugin.prefix.length)
30
- if (plugin.jwtAlg === P256_JWT_ALG) {
31
- keyBytes = p256.decompressPubkey(keyBytes)
32
- } else if (plugin.jwtAlg === SECP256K1_JWT_ALG) {
33
- keyBytes = secp.decompressPubkey(keyBytes)
34
- }
18
+ const keyBytes = plugin.decompressPubkey(
19
+ prefixedBytes.slice(plugin.prefix.length),
20
+ )
35
21
  return {
36
22
  jwtAlg: plugin.jwtAlg,
37
23
  keyBytes,
@@ -46,28 +32,20 @@ export const formatMultikey = (
46
32
  if (!plugin) {
47
33
  throw new Error('Unsupported key type')
48
34
  }
49
- if (jwtAlg === P256_JWT_ALG) {
50
- keyBytes = p256.compressPubkey(keyBytes)
51
- } else if (jwtAlg === SECP256K1_JWT_ALG) {
52
- keyBytes = secp.compressPubkey(keyBytes)
53
- }
54
- const prefixedBytes = uint8arrays.concat([plugin.prefix, keyBytes])
35
+ const prefixedBytes = uint8arrays.concat([
36
+ plugin.prefix,
37
+ plugin.compressPubkey(keyBytes),
38
+ ])
55
39
  return (
56
40
  BASE58_MULTIBASE_PREFIX + uint8arrays.toString(prefixedBytes, 'base58btc')
57
41
  )
58
42
  }
59
43
 
60
44
  export const parseDidKey = (did: string): ParsedMultikey => {
61
- if (!did.startsWith(DID_KEY_PREFIX)) {
62
- throw new Error(`Incorrect prefix for did:key: ${did}`)
63
- }
64
- return parseMultikey(did.slice(DID_KEY_PREFIX.length))
45
+ const multikey = extractMultikey(did)
46
+ return parseMultikey(multikey)
65
47
  }
66
48
 
67
49
  export const formatDidKey = (jwtAlg: string, keyBytes: Uint8Array): string => {
68
50
  return DID_KEY_PREFIX + formatMultikey(jwtAlg, keyBytes)
69
51
  }
70
-
71
- const hasPrefix = (bytes: Uint8Array, prefix: Uint8Array): boolean => {
72
- return uint8arrays.equals(prefix, bytes.subarray(0, prefix.byteLength))
73
- }
@@ -1,7 +1,11 @@
1
1
  import { p256 } from '@noble/curves/p256'
2
2
  import { sha256 } from '@noble/hashes/sha256'
3
- import * as uint8arrays from 'uint8arrays'
4
- import { SupportedEncodings } from 'uint8arrays/util/bases'
3
+ import { SupportedEncodings } from 'uint8arrays/to-string'
4
+ import {
5
+ fromString as ui8FromString,
6
+ toString as ui8ToString,
7
+ } from 'uint8arrays'
8
+
5
9
  import * as did from '../did'
6
10
  import { P256_JWT_ALG } from '../const'
7
11
  import { Keypair } from '../types'
@@ -32,9 +36,7 @@ export class P256Keypair implements Keypair {
32
36
  ): Promise<P256Keypair> {
33
37
  const { exportable = false } = opts || {}
34
38
  const privKeyBytes =
35
- typeof privKey === 'string'
36
- ? uint8arrays.fromString(privKey, 'hex')
37
- : privKey
39
+ typeof privKey === 'string' ? ui8FromString(privKey, 'hex') : privKey
38
40
  return new P256Keypair(privKeyBytes, exportable)
39
41
  }
40
42
 
@@ -43,7 +45,7 @@ export class P256Keypair implements Keypair {
43
45
  }
44
46
 
45
47
  publicKeyStr(encoding: SupportedEncodings = 'base64pad'): string {
46
- return uint8arrays.toString(this.publicKey, encoding)
48
+ return ui8ToString(this.publicKey, encoding)
47
49
  }
48
50
 
49
51
  did(): string {
@@ -1,9 +1,10 @@
1
1
  import { p256 } from '@noble/curves/p256'
2
2
  import { sha256 } from '@noble/hashes/sha256'
3
- import * as ui8 from 'uint8arrays'
4
- import { P256_JWT_ALG } from '../const'
5
- import { parseDidKey } from '../did'
3
+ import { equals as ui8equals } from 'uint8arrays'
4
+
5
+ import { P256_DID_PREFIX } from '../const'
6
6
  import { VerifyOptions } from '../types'
7
+ import { extractMultikey, extractPrefixedBytes, hasPrefix } from '../utils'
7
8
 
8
9
  export const verifyDidSig = async (
9
10
  did: string,
@@ -11,10 +12,11 @@ export const verifyDidSig = async (
11
12
  sig: Uint8Array,
12
13
  opts?: VerifyOptions,
13
14
  ): Promise<boolean> => {
14
- const { jwtAlg, keyBytes } = parseDidKey(did)
15
- if (jwtAlg !== P256_JWT_ALG) {
15
+ const prefixedBytes = extractPrefixedBytes(extractMultikey(did))
16
+ if (!hasPrefix(prefixedBytes, P256_DID_PREFIX)) {
16
17
  throw new Error(`Not a P-256 did:key: ${did}`)
17
18
  }
19
+ const keyBytes = prefixedBytes.slice(P256_DID_PREFIX.length)
18
20
  return verifySig(keyBytes, data, sig, opts)
19
21
  }
20
22
 
@@ -39,7 +41,7 @@ export const verifySig = async (
39
41
  export const isCompactFormat = (sig: Uint8Array) => {
40
42
  try {
41
43
  const parsed = p256.Signature.fromCompact(sig)
42
- return ui8.equals(parsed.toCompactRawBytes(), sig)
44
+ return ui8equals(parsed.toCompactRawBytes(), sig)
43
45
  } catch {
44
46
  return false
45
47
  }
@@ -1,11 +1,16 @@
1
- import * as operations from './operations'
1
+ import { verifyDidSig } from './operations'
2
+ import { compressPubkey, decompressPubkey } from './encoding'
3
+
2
4
  import { DidKeyPlugin } from '../types'
3
5
  import { P256_DID_PREFIX, P256_JWT_ALG } from '../const'
4
6
 
5
7
  export const p256Plugin: DidKeyPlugin = {
6
8
  prefix: P256_DID_PREFIX,
7
9
  jwtAlg: P256_JWT_ALG,
8
- verifySignature: operations.verifyDidSig,
10
+ verifySignature: verifyDidSig,
11
+
12
+ compressPubkey,
13
+ decompressPubkey,
9
14
  }
10
15
 
11
16
  export default p256Plugin
@@ -1,9 +1,13 @@
1
1
  import { secp256k1 as k256 } from '@noble/curves/secp256k1'
2
2
  import { sha256 } from '@noble/hashes/sha256'
3
- import * as uint8arrays from 'uint8arrays'
4
- import { SupportedEncodings } from 'uint8arrays/util/bases'
5
- import * as did from '../did'
3
+ import {
4
+ fromString as ui8FromString,
5
+ toString as ui8ToString,
6
+ } from 'uint8arrays'
7
+ import { SupportedEncodings } from 'uint8arrays/to-string'
8
+
6
9
  import { SECP256K1_JWT_ALG } from '../const'
10
+ import * as did from '../did'
7
11
  import { Keypair } from '../types'
8
12
 
9
13
  export type Secp256k1KeypairOptions = {
@@ -32,9 +36,7 @@ export class Secp256k1Keypair implements Keypair {
32
36
  ): Promise<Secp256k1Keypair> {
33
37
  const { exportable = false } = opts || {}
34
38
  const privKeyBytes =
35
- typeof privKey === 'string'
36
- ? uint8arrays.fromString(privKey, 'hex')
37
- : privKey
39
+ typeof privKey === 'string' ? ui8FromString(privKey, 'hex') : privKey
38
40
  return new Secp256k1Keypair(privKeyBytes, exportable)
39
41
  }
40
42
 
@@ -43,7 +45,7 @@ export class Secp256k1Keypair implements Keypair {
43
45
  }
44
46
 
45
47
  publicKeyStr(encoding: SupportedEncodings = 'base64pad'): string {
46
- return uint8arrays.toString(this.publicKey, encoding)
48
+ return ui8ToString(this.publicKey, encoding)
47
49
  }
48
50
 
49
51
  did(): string {
@@ -1,9 +1,10 @@
1
1
  import { secp256k1 as k256 } from '@noble/curves/secp256k1'
2
2
  import { sha256 } from '@noble/hashes/sha256'
3
3
  import * as ui8 from 'uint8arrays'
4
- import { SECP256K1_JWT_ALG } from '../const'
5
- import { parseDidKey } from '../did'
4
+
5
+ import { SECP256K1_DID_PREFIX } from '../const'
6
6
  import { VerifyOptions } from '../types'
7
+ import { extractMultikey, extractPrefixedBytes, hasPrefix } from '../utils'
7
8
 
8
9
  export const verifyDidSig = async (
9
10
  did: string,
@@ -11,10 +12,11 @@ export const verifyDidSig = async (
11
12
  sig: Uint8Array,
12
13
  opts?: VerifyOptions,
13
14
  ): Promise<boolean> => {
14
- const { jwtAlg, keyBytes } = parseDidKey(did)
15
- if (jwtAlg !== SECP256K1_JWT_ALG) {
15
+ const prefixedBytes = extractPrefixedBytes(extractMultikey(did))
16
+ if (!hasPrefix(prefixedBytes, SECP256K1_DID_PREFIX)) {
16
17
  throw new Error(`Not a secp256k1 did:key: ${did}`)
17
18
  }
19
+ const keyBytes = prefixedBytes.slice(SECP256K1_DID_PREFIX.length)
18
20
  return verifySig(keyBytes, data, sig, opts)
19
21
  }
20
22
 
@@ -1,11 +1,16 @@
1
- import * as operations from './operations'
1
+ import { verifyDidSig } from './operations'
2
+ import { compressPubkey, decompressPubkey } from './encoding'
3
+
2
4
  import { DidKeyPlugin } from '../types'
3
5
  import { SECP256K1_DID_PREFIX, SECP256K1_JWT_ALG } from '../const'
4
6
 
5
7
  export const secp256k1Plugin: DidKeyPlugin = {
6
8
  prefix: SECP256K1_DID_PREFIX,
7
9
  jwtAlg: SECP256K1_JWT_ALG,
8
- verifySignature: operations.verifyDidSig,
10
+ verifySignature: verifyDidSig,
11
+
12
+ compressPubkey,
13
+ decompressPubkey,
9
14
  }
10
15
 
11
16
  export default secp256k1Plugin
package/src/sha.ts CHANGED
@@ -9,3 +9,10 @@ export const sha256 = async (
9
9
  typeof input === 'string' ? uint8arrays.fromString(input, 'utf8') : input
10
10
  return noble.sha256(bytes)
11
11
  }
12
+
13
+ export const sha256Hex = async (
14
+ input: Uint8Array | string,
15
+ ): Promise<string> => {
16
+ const hash = await sha256(input)
17
+ return uint8arrays.toString(hash, 'hex')
18
+ }
package/src/types.ts CHANGED
@@ -9,6 +9,10 @@ export interface Didable {
9
9
 
10
10
  export interface Keypair extends Signer, Didable {}
11
11
 
12
+ export interface ExportableKeypair extends Keypair {
13
+ export(): Promise<Uint8Array>
14
+ }
15
+
12
16
  export type DidKeyPlugin = {
13
17
  prefix: Uint8Array
14
18
  jwtAlg: string
@@ -18,6 +22,9 @@ export type DidKeyPlugin = {
18
22
  data: Uint8Array,
19
23
  opts?: VerifyOptions,
20
24
  ) => Promise<boolean>
25
+
26
+ compressPubkey: (uncompressed: Uint8Array) => Uint8Array
27
+ decompressPubkey: (compressed: Uint8Array) => Uint8Array
21
28
  }
22
29
 
23
30
  export type VerifyOptions = {
package/src/utils.ts ADDED
@@ -0,0 +1,23 @@
1
+ import * as uint8arrays from 'uint8arrays'
2
+ import { BASE58_MULTIBASE_PREFIX, DID_KEY_PREFIX } from './const'
3
+
4
+ export const extractMultikey = (did: string): string => {
5
+ if (!did.startsWith(DID_KEY_PREFIX)) {
6
+ throw new Error(`Incorrect prefix for did:key: ${did}`)
7
+ }
8
+ return did.slice(DID_KEY_PREFIX.length)
9
+ }
10
+
11
+ export const extractPrefixedBytes = (multikey: string): Uint8Array => {
12
+ if (!multikey.startsWith(BASE58_MULTIBASE_PREFIX)) {
13
+ throw new Error(`Incorrect prefix for multikey: ${multikey}`)
14
+ }
15
+ return uint8arrays.fromString(
16
+ multikey.slice(BASE58_MULTIBASE_PREFIX.length),
17
+ 'base58btc',
18
+ )
19
+ }
20
+
21
+ export const hasPrefix = (bytes: Uint8Array, prefix: Uint8Array): boolean => {
22
+ return uint8arrays.equals(prefix, bytes.subarray(0, prefix.byteLength))
23
+ }
@@ -2,11 +2,11 @@ import fs from 'node:fs'
2
2
  import * as uint8arrays from 'uint8arrays'
3
3
  import { secp256k1 as nobleK256 } from '@noble/curves/secp256k1'
4
4
  import { p256 as nobleP256 } from '@noble/curves/p256'
5
+ import { cborEncode } from '@atproto/common'
5
6
  import EcdsaKeypair from '../src/p256/keypair'
6
7
  import Secp256k1Keypair from '../src/secp256k1/keypair'
7
8
  import * as p256 from '../src/p256/operations'
8
9
  import * as secp from '../src/secp256k1/operations'
9
- import { cborEncode } from '@atproto/common'
10
10
  import {
11
11
  bytesToMultibase,
12
12
  multibaseToBytes,
@@ -137,6 +137,7 @@ describe('signatures', () => {
137
137
  })
138
138
  })
139
139
 
140
+ // @ts-expect-error
140
141
  // eslint-disable-next-line @typescript-eslint/no-unused-vars
141
142
  async function generateTestVectors(): Promise<TestVector[]> {
142
143
  const p256Key = await EcdsaKeypair.create({ exportable: true })
@@ -1,4 +1,8 @@
1
1
  {
2
- "extends": "./tsconfig.json",
3
- "exclude": ["**/*.spec.ts", "**/*.test.ts"]
2
+ "extends": "../../tsconfig/isomorphic.json",
3
+ "compilerOptions": {
4
+ "rootDir": "./src",
5
+ "outDir": "./dist"
6
+ },
7
+ "include": ["./src"]
4
8
  }
package/tsconfig.json CHANGED
@@ -1,9 +1,7 @@
1
1
  {
2
- "extends": "../../tsconfig.json",
3
- "compilerOptions": {
4
- "rootDir": "./src",
5
- "outDir": "./dist", // Your outDir,
6
- "emitDeclarationOnly": true
7
- },
8
- "include": ["./src", "__tests__/**/**.ts"]
2
+ "include": [],
3
+ "references": [
4
+ { "path": "./tsconfig.build.json" },
5
+ { "path": "./tsconfig.tests.json" }
6
+ ]
9
7
  }
@@ -0,0 +1,7 @@
1
+ {
2
+ "extends": "../../tsconfig/tests.json",
3
+ "compilerOptions": {
4
+ "rootDir": "."
5
+ },
6
+ "include": ["./tests"]
7
+ }
package/build.js DELETED
@@ -1,14 +0,0 @@
1
- const { nodeExternalsPlugin } = require('esbuild-node-externals')
2
-
3
- const buildShallow =
4
- process.argv.includes('--shallow') || process.env.ATP_BUILD_SHALLOW === 'true'
5
-
6
- require('esbuild').build({
7
- logLevel: 'info',
8
- entryPoints: ['src/index.ts'],
9
- bundle: true,
10
- sourcemap: true,
11
- outdir: 'dist',
12
- platform: 'node',
13
- plugins: buildShallow ? [nodeExternalsPlugin()] : [],
14
- })