@atproto/crypto 0.4.1 → 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # @atproto/crypto
2
2
 
3
+ ## 0.4.3
4
+
5
+ ### Patch Changes
6
+
7
+ - [#3335](https://github.com/bluesky-social/atproto/pull/3335) [`1abfd74ec`](https://github.com/bluesky-social/atproto/commit/1abfd74ec7114e5d8e2411f7a4fa10bdce97e277) Thanks [@dholms](https://github.com/dholms)! - Update noble crypto libraries
8
+
9
+ ## 0.4.2
10
+
11
+ ### Patch Changes
12
+
13
+ - [#2936](https://github.com/bluesky-social/atproto/pull/2936) [`1982693e3`](https://github.com/bluesky-social/atproto/commit/1982693e3ea1fef4db76ac9aca3db8dc5ebf3fe0) Thanks [@rafaelbsky](https://github.com/rafaelbsky)! - Export utils
14
+
3
15
  ## 0.4.1
4
16
 
5
17
  ### Patch Changes
package/dist/index.d.ts CHANGED
@@ -5,6 +5,7 @@ export * from './random';
5
5
  export * from './sha';
6
6
  export * from './types';
7
7
  export * from './verify';
8
+ export * from './utils';
8
9
  export * from './p256/keypair';
9
10
  export * from './p256/plugin';
10
11
  export * from './secp256k1/keypair';
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAA;AACvB,cAAc,OAAO,CAAA;AACrB,cAAc,aAAa,CAAA;AAC3B,cAAc,UAAU,CAAA;AACxB,cAAc,OAAO,CAAA;AACrB,cAAc,SAAS,CAAA;AACvB,cAAc,UAAU,CAAA;AAExB,cAAc,gBAAgB,CAAA;AAC9B,cAAc,eAAe,CAAA;AAE7B,cAAc,qBAAqB,CAAA;AACnC,cAAc,oBAAoB,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAA;AACvB,cAAc,OAAO,CAAA;AACrB,cAAc,aAAa,CAAA;AAC3B,cAAc,UAAU,CAAA;AACxB,cAAc,OAAO,CAAA;AACrB,cAAc,SAAS,CAAA;AACvB,cAAc,UAAU,CAAA;AACxB,cAAc,SAAS,CAAA;AAEvB,cAAc,gBAAgB,CAAA;AAC9B,cAAc,eAAe,CAAA;AAE7B,cAAc,qBAAqB,CAAA;AACnC,cAAc,oBAAoB,CAAA"}
package/dist/index.js CHANGED
@@ -21,6 +21,7 @@ __exportStar(require("./random"), exports);
21
21
  __exportStar(require("./sha"), exports);
22
22
  __exportStar(require("./types"), exports);
23
23
  __exportStar(require("./verify"), exports);
24
+ __exportStar(require("./utils"), exports);
24
25
  __exportStar(require("./p256/keypair"), exports);
25
26
  __exportStar(require("./p256/plugin"), exports);
26
27
  __exportStar(require("./secp256k1/keypair"), exports);
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAuB;AACvB,wCAAqB;AACrB,8CAA2B;AAC3B,2CAAwB;AACxB,wCAAqB;AACrB,0CAAuB;AACvB,2CAAwB;AAExB,iDAA8B;AAC9B,gDAA6B;AAE7B,sDAAmC;AACnC,qDAAkC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAuB;AACvB,wCAAqB;AACrB,8CAA2B;AAC3B,2CAAwB;AACxB,wCAAqB;AACrB,0CAAuB;AACvB,2CAAwB;AACxB,0CAAuB;AAEvB,iDAA8B;AAC9B,gDAA6B;AAE7B,sDAAmC;AACnC,qDAAkC"}
package/dist/multibase.js CHANGED
@@ -69,7 +69,7 @@ const bytesToMultibase = (mb, encoding) => {
69
69
  case 'base64urlpad':
70
70
  return 'U' + uint8arrays.toString(mb, encoding);
71
71
  default:
72
- throw new Error(`Unsupported multibase: :${mb}`);
72
+ throw new Error(`Unsupported multibase: :${encoding}`);
73
73
  }
74
74
  };
75
75
  exports.bytesToMultibase = bytesToMultibase;
@@ -1 +1 @@
1
- {"version":3,"file":"multibase.js","sourceRoot":"","sources":["../src/multibase.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yDAA0C;AAGnC,MAAM,gBAAgB,GAAG,CAAC,EAAU,EAAc,EAAE;IACzD,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;IAClB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IACvB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QACjD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QACjD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;QACpD;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAA;AAvBY,QAAA,gBAAgB,oBAuB5B;AAEM,MAAM,gBAAgB,GAAG,CAC9B,EAAc,EACd,QAA4B,EACpB,EAAE;IACV,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,aAAa;YAChB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,aAAa;YAChB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,WAAW;YACd,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,WAAW;YACd,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,cAAc;YACjB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAA;AAxBY,QAAA,gBAAgB,oBAwB5B"}
1
+ {"version":3,"file":"multibase.js","sourceRoot":"","sources":["../src/multibase.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yDAA0C;AAGnC,MAAM,gBAAgB,GAAG,CAAC,EAAU,EAAc,EAAE;IACzD,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;IAClB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IACvB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QACjD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QACjD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;QACpD;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAA;AAvBY,QAAA,gBAAgB,oBAuB5B;AAEM,MAAM,gBAAgB,GAAG,CAC9B,EAAc,EACd,QAA4B,EACpB,EAAE;IACV,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,aAAa;YAChB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,aAAa;YAChB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,WAAW;YACd,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,WAAW;YACd,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,cAAc;YACjB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAA;IAC1D,CAAC;AACH,CAAC,CAAA;AAxBY,QAAA,gBAAgB,oBAwB5B"}
@@ -1 +1 @@
1
- {"version":3,"file":"operations.d.ts","sourceRoot":"","sources":["../../src/p256/operations.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,eAAO,MAAM,YAAY,QAClB,MAAM,QACL,UAAU,OACX,UAAU,SACR,aAAa,KACnB,QAAQ,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,SAAS,cACT,UAAU,QACf,UAAU,OACX,UAAU,SACR,aAAa,KACnB,QAAQ,OAAO,CAWjB,CAAA;AAED,eAAO,MAAM,eAAe,QAAS,UAAU,YAO9C,CAAA"}
1
+ {"version":3,"file":"operations.d.ts","sourceRoot":"","sources":["../../src/p256/operations.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,eAAO,MAAM,YAAY,QAClB,MAAM,QACL,UAAU,OACX,UAAU,SACR,aAAa,KACnB,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,SAAS,cACT,UAAU,QACf,UAAU,OACX,UAAU,SACR,aAAa,KACnB,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,eAAe,QAAS,UAAU,YAO9C,CAAA"}
@@ -18,12 +18,8 @@ exports.verifyDidSig = verifyDidSig;
18
18
  const verifySig = async (publicKey, data, sig, opts) => {
19
19
  const allowMalleable = opts?.allowMalleableSig ?? false;
20
20
  const msgHash = await (0, sha256_1.sha256)(data);
21
- // parse as compact sig to prevent signature malleability
22
- // library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
23
- if (!allowMalleable && !(0, exports.isCompactFormat)(sig)) {
24
- return false;
25
- }
26
21
  return p256_1.p256.verify(sig, msgHash, publicKey, {
22
+ format: allowMalleable ? undefined : 'compact', // prevent DER-encoded signatures
27
23
  lowS: !allowMalleable,
28
24
  });
29
25
  };
@@ -1 +1 @@
1
- {"version":3,"file":"operations.js","sourceRoot":"","sources":["../../src/p256/operations.ts"],"names":[],"mappings":";;;AAAA,6CAAyC;AACzC,iDAA6C;AAC7C,6CAAiD;AAEjD,oCAA0C;AAE1C,oCAA2E;AAEpE,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,aAAa,GAAG,IAAA,4BAAoB,EAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,CAAC,CAAA;IAChE,IAAI,CAAC,IAAA,iBAAS,EAAC,aAAa,EAAE,uBAAe,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAA;IAChD,CAAC;IACD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,uBAAe,CAAC,MAAM,CAAC,CAAA;IAC5D,OAAO,IAAA,iBAAS,EAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AAC7C,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,SAAS,GAAG,KAAK,EAC5B,SAAqB,EACrB,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,cAAc,GAAG,IAAI,EAAE,iBAAiB,IAAI,KAAK,CAAA;IACvD,MAAM,OAAO,GAAG,MAAM,IAAA,eAAM,EAAC,IAAI,CAAC,CAAA;IAClC,yDAAyD;IACzD,oGAAoG;IACpG,IAAI,CAAC,cAAc,IAAI,CAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,OAAO,KAAK,CAAA;IACd,CAAC;IACD,OAAO,WAAI,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE;QAC1C,IAAI,EAAE,CAAC,cAAc;KACtB,CAAC,CAAA;AACJ,CAAC,CAAA;AAhBY,QAAA,SAAS,aAgBrB;AAEM,MAAM,eAAe,GAAG,CAAC,GAAe,EAAE,EAAE;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,WAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QAC9C,OAAO,IAAA,oBAAS,EAAC,MAAM,CAAC,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAA;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAPY,QAAA,eAAe,mBAO3B"}
1
+ {"version":3,"file":"operations.js","sourceRoot":"","sources":["../../src/p256/operations.ts"],"names":[],"mappings":";;;AAAA,6CAAyC;AACzC,iDAA6C;AAC7C,6CAAiD;AAEjD,oCAA0C;AAE1C,oCAA2E;AAEpE,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,aAAa,GAAG,IAAA,4BAAoB,EAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,CAAC,CAAA;IAChE,IAAI,CAAC,IAAA,iBAAS,EAAC,aAAa,EAAE,uBAAe,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAA;IAChD,CAAC;IACD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,uBAAe,CAAC,MAAM,CAAC,CAAA;IAC5D,OAAO,IAAA,iBAAS,EAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AAC7C,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,SAAS,GAAG,KAAK,EAC5B,SAAqB,EACrB,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,cAAc,GAAG,IAAI,EAAE,iBAAiB,IAAI,KAAK,CAAA;IACvD,MAAM,OAAO,GAAG,MAAM,IAAA,eAAM,EAAC,IAAI,CAAC,CAAA;IAClC,OAAO,WAAI,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE;QAC1C,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,EAAE,iCAAiC;QACjF,IAAI,EAAE,CAAC,cAAc;KACtB,CAAC,CAAA;AACJ,CAAC,CAAA;AAZY,QAAA,SAAS,aAYrB;AAEM,MAAM,eAAe,GAAG,CAAC,GAAe,EAAE,EAAE;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,WAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QAC9C,OAAO,IAAA,oBAAS,EAAC,MAAM,CAAC,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAA;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAPY,QAAA,eAAe,mBAO3B"}
@@ -1 +1 @@
1
- {"version":3,"file":"random.d.ts","sourceRoot":"","sources":["../src/random.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,qBAAqB,CAAA;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AAG1D,eAAO,MAAM,WAAW,0BAAoB,CAAA;AAE5C,eAAO,MAAM,SAAS,eACR,MAAM,YACR,kBAAkB,KAC3B,MAGF,CAAA;AAED,eAAO,MAAM,iBAAiB,SACtB,MAAM,QACN,MAAM,mBAEX,QAAQ,MAAM,CAMhB,CAAA"}
1
+ {"version":3,"file":"random.d.ts","sourceRoot":"","sources":["../src/random.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,qBAAqB,CAAA;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AAG1D,eAAO,MAAM,WAAW,0BAAoB,CAAA;AAE5C,eAAO,MAAM,SAAS,eACR,MAAM,YACR,kBAAkB,KAC3B,MAGF,CAAA;AAED,eAAO,MAAM,iBAAiB,SACtB,MAAM,QACN,MAAM,mBAEX,OAAO,CAAC,MAAM,CAMhB,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"operations.d.ts","sourceRoot":"","sources":["../../src/secp256k1/operations.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,eAAO,MAAM,YAAY,QAClB,MAAM,QACL,UAAU,OACX,UAAU,SACR,aAAa,KACnB,QAAQ,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,SAAS,cACT,UAAU,QACf,UAAU,OACX,UAAU,SACR,aAAa,KACnB,QAAQ,OAAO,CAWjB,CAAA;AAED,eAAO,MAAM,eAAe,QAAS,UAAU,YAO9C,CAAA"}
1
+ {"version":3,"file":"operations.d.ts","sourceRoot":"","sources":["../../src/secp256k1/operations.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,eAAO,MAAM,YAAY,QAClB,MAAM,QACL,UAAU,OACX,UAAU,SACR,aAAa,KACnB,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,SAAS,cACT,UAAU,QACf,UAAU,OACX,UAAU,SACR,aAAa,KACnB,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,eAAe,QAAS,UAAU,YAO9C,CAAA"}
@@ -41,12 +41,8 @@ exports.verifyDidSig = verifyDidSig;
41
41
  const verifySig = async (publicKey, data, sig, opts) => {
42
42
  const allowMalleable = opts?.allowMalleableSig ?? false;
43
43
  const msgHash = await (0, sha256_1.sha256)(data);
44
- // parse as compact sig to prevent signature malleability
45
- // library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
46
- if (!allowMalleable && !(0, exports.isCompactFormat)(sig)) {
47
- return false;
48
- }
49
44
  return secp256k1_1.secp256k1.verify(sig, msgHash, publicKey, {
45
+ format: allowMalleable ? undefined : 'compact', // prevent DER-encoded signatures
50
46
  lowS: !allowMalleable,
51
47
  });
52
48
  };
@@ -1 +1 @@
1
- {"version":3,"file":"operations.js","sourceRoot":"","sources":["../../src/secp256k1/operations.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uDAA2D;AAC3D,iDAA6C;AAC7C,iDAAkC;AAElC,oCAA+C;AAE/C,oCAA2E;AAEpE,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,aAAa,GAAG,IAAA,4BAAoB,EAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,CAAC,CAAA;IAChE,IAAI,CAAC,IAAA,iBAAS,EAAC,aAAa,EAAE,4BAAoB,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,EAAE,CAAC,CAAA;IACpD,CAAC;IACD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,4BAAoB,CAAC,MAAM,CAAC,CAAA;IACjE,OAAO,IAAA,iBAAS,EAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AAC7C,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,SAAS,GAAG,KAAK,EAC5B,SAAqB,EACrB,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,cAAc,GAAG,IAAI,EAAE,iBAAiB,IAAI,KAAK,CAAA;IACvD,MAAM,OAAO,GAAG,MAAM,IAAA,eAAM,EAAC,IAAI,CAAC,CAAA;IAClC,yDAAyD;IACzD,oGAAoG;IACpG,IAAI,CAAC,cAAc,IAAI,CAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,OAAO,KAAK,CAAA;IACd,CAAC;IACD,OAAO,qBAAI,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE;QAC1C,IAAI,EAAE,CAAC,cAAc;KACtB,CAAC,CAAA;AACJ,CAAC,CAAA;AAhBY,QAAA,SAAS,aAgBrB;AAEM,MAAM,eAAe,GAAG,CAAC,GAAe,EAAE,EAAE;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,qBAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QAC9C,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAA;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAPY,QAAA,eAAe,mBAO3B"}
1
+ {"version":3,"file":"operations.js","sourceRoot":"","sources":["../../src/secp256k1/operations.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uDAA2D;AAC3D,iDAA6C;AAC7C,iDAAkC;AAElC,oCAA+C;AAE/C,oCAA2E;AAEpE,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,aAAa,GAAG,IAAA,4BAAoB,EAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,CAAC,CAAA;IAChE,IAAI,CAAC,IAAA,iBAAS,EAAC,aAAa,EAAE,4BAAoB,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,EAAE,CAAC,CAAA;IACpD,CAAC;IACD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,4BAAoB,CAAC,MAAM,CAAC,CAAA;IACjE,OAAO,IAAA,iBAAS,EAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AAC7C,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,SAAS,GAAG,KAAK,EAC5B,SAAqB,EACrB,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,cAAc,GAAG,IAAI,EAAE,iBAAiB,IAAI,KAAK,CAAA;IACvD,MAAM,OAAO,GAAG,MAAM,IAAA,eAAM,EAAC,IAAI,CAAC,CAAA;IAClC,OAAO,qBAAI,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE;QAC1C,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,EAAE,iCAAiC;QACjF,IAAI,EAAE,CAAC,cAAc;KACtB,CAAC,CAAA;AACJ,CAAC,CAAA;AAZY,QAAA,SAAS,aAYrB;AAEM,MAAM,eAAe,GAAG,CAAC,GAAe,EAAE,EAAE;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,qBAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QAC9C,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAA;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAPY,QAAA,eAAe,mBAO3B"}
package/dist/sha.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sha.d.ts","sourceRoot":"","sources":["../src/sha.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,MAAM,UACV,UAAU,GAAG,MAAM,KACzB,QAAQ,UAAU,CAIpB,CAAA;AAGD,eAAO,MAAM,SAAS,UACb,UAAU,GAAG,MAAM,KACzB,QAAQ,MAAM,CAGhB,CAAA"}
1
+ {"version":3,"file":"sha.d.ts","sourceRoot":"","sources":["../src/sha.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,MAAM,UACV,UAAU,GAAG,MAAM,KACzB,OAAO,CAAC,UAAU,CAIpB,CAAA;AAGD,eAAO,MAAM,SAAS,UACb,UAAU,GAAG,MAAM,KACzB,OAAO,CAAC,MAAM,CAGhB,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAEvC,eAAO,MAAM,eAAe,WAClB,MAAM,QACR,UAAU,OACX,UAAU,SACR,aAAa,GAAG;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,KACA,QAAQ,OAAO,CAUjB,CAAA;AAED,eAAO,MAAM,mBAAmB,WACtB,MAAM,QACR,MAAM,OACP,MAAM,SACJ,aAAa,KACnB,QAAQ,OAAO,CAIjB,CAAA"}
1
+ {"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAEvC,eAAO,MAAM,eAAe,WAClB,MAAM,QACR,UAAU,OACX,UAAU,SACR,aAAa,GAAG;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,KACA,OAAO,CAAC,OAAO,CAUjB,CAAA;AAED,eAAO,MAAM,mBAAmB,WACtB,MAAM,QACR,MAAM,OACP,MAAM,SACJ,aAAa,KACnB,OAAO,CAAC,OAAO,CAIjB,CAAA"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@atproto/crypto",
3
- "version": "0.4.1",
3
+ "version": "0.4.3",
4
4
  "license": "MIT",
5
5
  "description": "Library for cryptographic keys and signing in atproto",
6
6
  "keywords": [
@@ -16,13 +16,14 @@
16
16
  "main": "dist/index.js",
17
17
  "types": "dist/index.d.ts",
18
18
  "dependencies": {
19
- "@noble/curves": "^1.1.0",
20
- "@noble/hashes": "^1.3.1",
19
+ "@noble/curves": "^1.7.0",
20
+ "@noble/hashes": "^1.6.1",
21
21
  "uint8arrays": "3.0.0"
22
22
  },
23
23
  "devDependencies": {
24
24
  "jest": "^28.1.2",
25
- "@atproto/common": "^0.4.1"
25
+ "typescript": "^5.6.3",
26
+ "@atproto/common": "^0.4.6"
26
27
  },
27
28
  "scripts": {
28
29
  "test": "jest ",
package/src/index.ts CHANGED
@@ -5,6 +5,7 @@ export * from './random'
5
5
  export * from './sha'
6
6
  export * from './types'
7
7
  export * from './verify'
8
+ export * from './utils'
8
9
 
9
10
  export * from './p256/keypair'
10
11
  export * from './p256/plugin'
package/src/multibase.ts CHANGED
@@ -48,6 +48,6 @@ export const bytesToMultibase = (
48
48
  case 'base64urlpad':
49
49
  return 'U' + uint8arrays.toString(mb, encoding)
50
50
  default:
51
- throw new Error(`Unsupported multibase: :${mb}`)
51
+ throw new Error(`Unsupported multibase: :${encoding}`)
52
52
  }
53
53
  }
@@ -28,12 +28,8 @@ export const verifySig = async (
28
28
  ): Promise<boolean> => {
29
29
  const allowMalleable = opts?.allowMalleableSig ?? false
30
30
  const msgHash = await sha256(data)
31
- // parse as compact sig to prevent signature malleability
32
- // library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
33
- if (!allowMalleable && !isCompactFormat(sig)) {
34
- return false
35
- }
36
31
  return p256.verify(sig, msgHash, publicKey, {
32
+ format: allowMalleable ? undefined : 'compact', // prevent DER-encoded signatures
37
33
  lowS: !allowMalleable,
38
34
  })
39
35
  }
@@ -28,12 +28,8 @@ export const verifySig = async (
28
28
  ): Promise<boolean> => {
29
29
  const allowMalleable = opts?.allowMalleableSig ?? false
30
30
  const msgHash = await sha256(data)
31
- // parse as compact sig to prevent signature malleability
32
- // library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
33
- if (!allowMalleable && !isCompactFormat(sig)) {
34
- return false
35
- }
36
31
  return k256.verify(sig, msgHash, publicKey, {
32
+ format: allowMalleable ? undefined : 'compact', // prevent DER-encoded signatures
37
33
  lowS: !allowMalleable,
38
34
  })
39
35
  }
@@ -0,0 +1 @@
1
+ {"root":["./src/const.ts","./src/did.ts","./src/index.ts","./src/multibase.ts","./src/plugins.ts","./src/random.ts","./src/sha.ts","./src/types.ts","./src/utils.ts","./src/verify.ts","./src/p256/encoding.ts","./src/p256/keypair.ts","./src/p256/operations.ts","./src/p256/plugin.ts","./src/secp256k1/encoding.ts","./src/secp256k1/keypair.ts","./src/secp256k1/operations.ts","./src/secp256k1/plugin.ts"],"version":"5.6.3"}
@@ -0,0 +1 @@
1
+ {"root":["./tests/did.test.ts","./tests/key-compression.test.ts","./tests/keypairs.test.ts","./tests/random.test.ts","./tests/signatures.test.ts"],"version":"5.6.3"}