@atproto/crypto 0.4.1 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/multibase.js +1 -1
- package/dist/multibase.js.map +1 -1
- package/dist/p256/operations.d.ts.map +1 -1
- package/dist/p256/operations.js +1 -5
- package/dist/p256/operations.js.map +1 -1
- package/dist/random.d.ts.map +1 -1
- package/dist/secp256k1/operations.d.ts.map +1 -1
- package/dist/secp256k1/operations.js +1 -5
- package/dist/secp256k1/operations.js.map +1 -1
- package/dist/sha.d.ts.map +1 -1
- package/dist/verify.d.ts.map +1 -1
- package/package.json +5 -4
- package/src/index.ts +1 -0
- package/src/multibase.ts +1 -1
- package/src/p256/operations.ts +1 -5
- package/src/secp256k1/operations.ts +1 -5
- package/tsconfig.build.tsbuildinfo +1 -0
- package/tsconfig.tests.tsbuildinfo +1 -0
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,17 @@
|
|
|
1
1
|
# @atproto/crypto
|
|
2
2
|
|
|
3
|
+
## 0.4.3
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- [#3335](https://github.com/bluesky-social/atproto/pull/3335) [`1abfd74ec`](https://github.com/bluesky-social/atproto/commit/1abfd74ec7114e5d8e2411f7a4fa10bdce97e277) Thanks [@dholms](https://github.com/dholms)! - Update noble crypto libraries
|
|
8
|
+
|
|
9
|
+
## 0.4.2
|
|
10
|
+
|
|
11
|
+
### Patch Changes
|
|
12
|
+
|
|
13
|
+
- [#2936](https://github.com/bluesky-social/atproto/pull/2936) [`1982693e3`](https://github.com/bluesky-social/atproto/commit/1982693e3ea1fef4db76ac9aca3db8dc5ebf3fe0) Thanks [@rafaelbsky](https://github.com/rafaelbsky)! - Export utils
|
|
14
|
+
|
|
3
15
|
## 0.4.1
|
|
4
16
|
|
|
5
17
|
### Patch Changes
|
package/dist/index.d.ts
CHANGED
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAA;AACvB,cAAc,OAAO,CAAA;AACrB,cAAc,aAAa,CAAA;AAC3B,cAAc,UAAU,CAAA;AACxB,cAAc,OAAO,CAAA;AACrB,cAAc,SAAS,CAAA;AACvB,cAAc,UAAU,CAAA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAA;AACvB,cAAc,OAAO,CAAA;AACrB,cAAc,aAAa,CAAA;AAC3B,cAAc,UAAU,CAAA;AACxB,cAAc,OAAO,CAAA;AACrB,cAAc,SAAS,CAAA;AACvB,cAAc,UAAU,CAAA;AACxB,cAAc,SAAS,CAAA;AAEvB,cAAc,gBAAgB,CAAA;AAC9B,cAAc,eAAe,CAAA;AAE7B,cAAc,qBAAqB,CAAA;AACnC,cAAc,oBAAoB,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -21,6 +21,7 @@ __exportStar(require("./random"), exports);
|
|
|
21
21
|
__exportStar(require("./sha"), exports);
|
|
22
22
|
__exportStar(require("./types"), exports);
|
|
23
23
|
__exportStar(require("./verify"), exports);
|
|
24
|
+
__exportStar(require("./utils"), exports);
|
|
24
25
|
__exportStar(require("./p256/keypair"), exports);
|
|
25
26
|
__exportStar(require("./p256/plugin"), exports);
|
|
26
27
|
__exportStar(require("./secp256k1/keypair"), exports);
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAuB;AACvB,wCAAqB;AACrB,8CAA2B;AAC3B,2CAAwB;AACxB,wCAAqB;AACrB,0CAAuB;AACvB,2CAAwB;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAuB;AACvB,wCAAqB;AACrB,8CAA2B;AAC3B,2CAAwB;AACxB,wCAAqB;AACrB,0CAAuB;AACvB,2CAAwB;AACxB,0CAAuB;AAEvB,iDAA8B;AAC9B,gDAA6B;AAE7B,sDAAmC;AACnC,qDAAkC"}
|
package/dist/multibase.js
CHANGED
|
@@ -69,7 +69,7 @@ const bytesToMultibase = (mb, encoding) => {
|
|
|
69
69
|
case 'base64urlpad':
|
|
70
70
|
return 'U' + uint8arrays.toString(mb, encoding);
|
|
71
71
|
default:
|
|
72
|
-
throw new Error(`Unsupported multibase: :${
|
|
72
|
+
throw new Error(`Unsupported multibase: :${encoding}`);
|
|
73
73
|
}
|
|
74
74
|
};
|
|
75
75
|
exports.bytesToMultibase = bytesToMultibase;
|
package/dist/multibase.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"multibase.js","sourceRoot":"","sources":["../src/multibase.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yDAA0C;AAGnC,MAAM,gBAAgB,GAAG,CAAC,EAAU,EAAc,EAAE;IACzD,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;IAClB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IACvB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QACjD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QACjD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;QACpD;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAA;AAvBY,QAAA,gBAAgB,oBAuB5B;AAEM,MAAM,gBAAgB,GAAG,CAC9B,EAAc,EACd,QAA4B,EACpB,EAAE;IACV,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,aAAa;YAChB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,aAAa;YAChB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,WAAW;YACd,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,WAAW;YACd,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,cAAc;YACjB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,
|
|
1
|
+
{"version":3,"file":"multibase.js","sourceRoot":"","sources":["../src/multibase.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yDAA0C;AAGnC,MAAM,gBAAgB,GAAG,CAAC,EAAU,EAAc,EAAE;IACzD,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;IAClB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IACvB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QACjD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAC9C,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QACjD,KAAK,GAAG;YACN,OAAO,WAAW,CAAC,UAAU,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;QACpD;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAA;AAvBY,QAAA,gBAAgB,oBAuB5B;AAEM,MAAM,gBAAgB,GAAG,CAC9B,EAAc,EACd,QAA4B,EACpB,EAAE;IACV,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,aAAa;YAChB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,aAAa;YAChB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,WAAW;YACd,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,QAAQ;YACX,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,WAAW;YACd,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD,KAAK,cAAc;YACjB,OAAO,GAAG,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;QACjD;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAA;IAC1D,CAAC;AACH,CAAC,CAAA;AAxBY,QAAA,gBAAgB,oBAwB5B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"operations.d.ts","sourceRoot":"","sources":["../../src/p256/operations.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,eAAO,MAAM,YAAY,QAClB,MAAM,QACL,UAAU,OACX,UAAU,SACR,aAAa,KACnB,
|
|
1
|
+
{"version":3,"file":"operations.d.ts","sourceRoot":"","sources":["../../src/p256/operations.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,eAAO,MAAM,YAAY,QAClB,MAAM,QACL,UAAU,OACX,UAAU,SACR,aAAa,KACnB,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,SAAS,cACT,UAAU,QACf,UAAU,OACX,UAAU,SACR,aAAa,KACnB,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,eAAe,QAAS,UAAU,YAO9C,CAAA"}
|
package/dist/p256/operations.js
CHANGED
|
@@ -18,12 +18,8 @@ exports.verifyDidSig = verifyDidSig;
|
|
|
18
18
|
const verifySig = async (publicKey, data, sig, opts) => {
|
|
19
19
|
const allowMalleable = opts?.allowMalleableSig ?? false;
|
|
20
20
|
const msgHash = await (0, sha256_1.sha256)(data);
|
|
21
|
-
// parse as compact sig to prevent signature malleability
|
|
22
|
-
// library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
|
|
23
|
-
if (!allowMalleable && !(0, exports.isCompactFormat)(sig)) {
|
|
24
|
-
return false;
|
|
25
|
-
}
|
|
26
21
|
return p256_1.p256.verify(sig, msgHash, publicKey, {
|
|
22
|
+
format: allowMalleable ? undefined : 'compact', // prevent DER-encoded signatures
|
|
27
23
|
lowS: !allowMalleable,
|
|
28
24
|
});
|
|
29
25
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"operations.js","sourceRoot":"","sources":["../../src/p256/operations.ts"],"names":[],"mappings":";;;AAAA,6CAAyC;AACzC,iDAA6C;AAC7C,6CAAiD;AAEjD,oCAA0C;AAE1C,oCAA2E;AAEpE,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,aAAa,GAAG,IAAA,4BAAoB,EAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,CAAC,CAAA;IAChE,IAAI,CAAC,IAAA,iBAAS,EAAC,aAAa,EAAE,uBAAe,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAA;IAChD,CAAC;IACD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,uBAAe,CAAC,MAAM,CAAC,CAAA;IAC5D,OAAO,IAAA,iBAAS,EAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AAC7C,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,SAAS,GAAG,KAAK,EAC5B,SAAqB,EACrB,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,cAAc,GAAG,IAAI,EAAE,iBAAiB,IAAI,KAAK,CAAA;IACvD,MAAM,OAAO,GAAG,MAAM,IAAA,eAAM,EAAC,IAAI,CAAC,CAAA;IAClC,
|
|
1
|
+
{"version":3,"file":"operations.js","sourceRoot":"","sources":["../../src/p256/operations.ts"],"names":[],"mappings":";;;AAAA,6CAAyC;AACzC,iDAA6C;AAC7C,6CAAiD;AAEjD,oCAA0C;AAE1C,oCAA2E;AAEpE,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,aAAa,GAAG,IAAA,4BAAoB,EAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,CAAC,CAAA;IAChE,IAAI,CAAC,IAAA,iBAAS,EAAC,aAAa,EAAE,uBAAe,CAAC,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAA;IAChD,CAAC;IACD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,uBAAe,CAAC,MAAM,CAAC,CAAA;IAC5D,OAAO,IAAA,iBAAS,EAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AAC7C,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,SAAS,GAAG,KAAK,EAC5B,SAAqB,EACrB,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,cAAc,GAAG,IAAI,EAAE,iBAAiB,IAAI,KAAK,CAAA;IACvD,MAAM,OAAO,GAAG,MAAM,IAAA,eAAM,EAAC,IAAI,CAAC,CAAA;IAClC,OAAO,WAAI,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE;QAC1C,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,EAAE,iCAAiC;QACjF,IAAI,EAAE,CAAC,cAAc;KACtB,CAAC,CAAA;AACJ,CAAC,CAAA;AAZY,QAAA,SAAS,aAYrB;AAEM,MAAM,eAAe,GAAG,CAAC,GAAe,EAAE,EAAE;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,WAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QAC9C,OAAO,IAAA,oBAAS,EAAC,MAAM,CAAC,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAA;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAPY,QAAA,eAAe,mBAO3B"}
|
package/dist/random.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"random.d.ts","sourceRoot":"","sources":["../src/random.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,qBAAqB,CAAA;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AAG1D,eAAO,MAAM,WAAW,0BAAoB,CAAA;AAE5C,eAAO,MAAM,SAAS,eACR,MAAM,YACR,kBAAkB,KAC3B,MAGF,CAAA;AAED,eAAO,MAAM,iBAAiB,SACtB,MAAM,QACN,MAAM,mBAEX,
|
|
1
|
+
{"version":3,"file":"random.d.ts","sourceRoot":"","sources":["../src/random.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,qBAAqB,CAAA;AAE5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AAG1D,eAAO,MAAM,WAAW,0BAAoB,CAAA;AAE5C,eAAO,MAAM,SAAS,eACR,MAAM,YACR,kBAAkB,KAC3B,MAGF,CAAA;AAED,eAAO,MAAM,iBAAiB,SACtB,MAAM,QACN,MAAM,mBAEX,OAAO,CAAC,MAAM,CAMhB,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"operations.d.ts","sourceRoot":"","sources":["../../src/secp256k1/operations.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,eAAO,MAAM,YAAY,QAClB,MAAM,QACL,UAAU,OACX,UAAU,SACR,aAAa,KACnB,
|
|
1
|
+
{"version":3,"file":"operations.d.ts","sourceRoot":"","sources":["../../src/secp256k1/operations.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,eAAO,MAAM,YAAY,QAClB,MAAM,QACL,UAAU,OACX,UAAU,SACR,aAAa,KACnB,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,SAAS,cACT,UAAU,QACf,UAAU,OACX,UAAU,SACR,aAAa,KACnB,OAAO,CAAC,OAAO,CAOjB,CAAA;AAED,eAAO,MAAM,eAAe,QAAS,UAAU,YAO9C,CAAA"}
|
|
@@ -41,12 +41,8 @@ exports.verifyDidSig = verifyDidSig;
|
|
|
41
41
|
const verifySig = async (publicKey, data, sig, opts) => {
|
|
42
42
|
const allowMalleable = opts?.allowMalleableSig ?? false;
|
|
43
43
|
const msgHash = await (0, sha256_1.sha256)(data);
|
|
44
|
-
// parse as compact sig to prevent signature malleability
|
|
45
|
-
// library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
|
|
46
|
-
if (!allowMalleable && !(0, exports.isCompactFormat)(sig)) {
|
|
47
|
-
return false;
|
|
48
|
-
}
|
|
49
44
|
return secp256k1_1.secp256k1.verify(sig, msgHash, publicKey, {
|
|
45
|
+
format: allowMalleable ? undefined : 'compact', // prevent DER-encoded signatures
|
|
50
46
|
lowS: !allowMalleable,
|
|
51
47
|
});
|
|
52
48
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"operations.js","sourceRoot":"","sources":["../../src/secp256k1/operations.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uDAA2D;AAC3D,iDAA6C;AAC7C,iDAAkC;AAElC,oCAA+C;AAE/C,oCAA2E;AAEpE,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,aAAa,GAAG,IAAA,4BAAoB,EAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,CAAC,CAAA;IAChE,IAAI,CAAC,IAAA,iBAAS,EAAC,aAAa,EAAE,4BAAoB,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,EAAE,CAAC,CAAA;IACpD,CAAC;IACD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,4BAAoB,CAAC,MAAM,CAAC,CAAA;IACjE,OAAO,IAAA,iBAAS,EAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AAC7C,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,SAAS,GAAG,KAAK,EAC5B,SAAqB,EACrB,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,cAAc,GAAG,IAAI,EAAE,iBAAiB,IAAI,KAAK,CAAA;IACvD,MAAM,OAAO,GAAG,MAAM,IAAA,eAAM,EAAC,IAAI,CAAC,CAAA;IAClC,
|
|
1
|
+
{"version":3,"file":"operations.js","sourceRoot":"","sources":["../../src/secp256k1/operations.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uDAA2D;AAC3D,iDAA6C;AAC7C,iDAAkC;AAElC,oCAA+C;AAE/C,oCAA2E;AAEpE,MAAM,YAAY,GAAG,KAAK,EAC/B,GAAW,EACX,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,aAAa,GAAG,IAAA,4BAAoB,EAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,CAAC,CAAA;IAChE,IAAI,CAAC,IAAA,iBAAS,EAAC,aAAa,EAAE,4BAAoB,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,EAAE,CAAC,CAAA;IACpD,CAAC;IACD,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,4BAAoB,CAAC,MAAM,CAAC,CAAA;IACjE,OAAO,IAAA,iBAAS,EAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AAC7C,CAAC,CAAA;AAZY,QAAA,YAAY,gBAYxB;AAEM,MAAM,SAAS,GAAG,KAAK,EAC5B,SAAqB,EACrB,IAAgB,EAChB,GAAe,EACf,IAAoB,EACF,EAAE;IACpB,MAAM,cAAc,GAAG,IAAI,EAAE,iBAAiB,IAAI,KAAK,CAAA;IACvD,MAAM,OAAO,GAAG,MAAM,IAAA,eAAM,EAAC,IAAI,CAAC,CAAA;IAClC,OAAO,qBAAI,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE;QAC1C,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,EAAE,iCAAiC;QACjF,IAAI,EAAE,CAAC,cAAc;KACtB,CAAC,CAAA;AACJ,CAAC,CAAA;AAZY,QAAA,SAAS,aAYrB;AAEM,MAAM,eAAe,GAAG,CAAC,GAAe,EAAE,EAAE;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,qBAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QAC9C,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAA;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAPY,QAAA,eAAe,mBAO3B"}
|
package/dist/sha.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sha.d.ts","sourceRoot":"","sources":["../src/sha.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,MAAM,UACV,UAAU,GAAG,MAAM,KACzB,
|
|
1
|
+
{"version":3,"file":"sha.d.ts","sourceRoot":"","sources":["../src/sha.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,MAAM,UACV,UAAU,GAAG,MAAM,KACzB,OAAO,CAAC,UAAU,CAIpB,CAAA;AAGD,eAAO,MAAM,SAAS,UACb,UAAU,GAAG,MAAM,KACzB,OAAO,CAAC,MAAM,CAGhB,CAAA"}
|
package/dist/verify.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAEvC,eAAO,MAAM,eAAe,WAClB,MAAM,QACR,UAAU,OACX,UAAU,SACR,aAAa,GAAG;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,KACA,
|
|
1
|
+
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAEvC,eAAO,MAAM,eAAe,WAClB,MAAM,QACR,UAAU,OACX,UAAU,SACR,aAAa,GAAG;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,KACA,OAAO,CAAC,OAAO,CAUjB,CAAA;AAED,eAAO,MAAM,mBAAmB,WACtB,MAAM,QACR,MAAM,OACP,MAAM,SACJ,aAAa,KACnB,OAAO,CAAC,OAAO,CAIjB,CAAA"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@atproto/crypto",
|
|
3
|
-
"version": "0.4.
|
|
3
|
+
"version": "0.4.3",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"description": "Library for cryptographic keys and signing in atproto",
|
|
6
6
|
"keywords": [
|
|
@@ -16,13 +16,14 @@
|
|
|
16
16
|
"main": "dist/index.js",
|
|
17
17
|
"types": "dist/index.d.ts",
|
|
18
18
|
"dependencies": {
|
|
19
|
-
"@noble/curves": "^1.
|
|
20
|
-
"@noble/hashes": "^1.
|
|
19
|
+
"@noble/curves": "^1.7.0",
|
|
20
|
+
"@noble/hashes": "^1.6.1",
|
|
21
21
|
"uint8arrays": "3.0.0"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
24
|
"jest": "^28.1.2",
|
|
25
|
-
"
|
|
25
|
+
"typescript": "^5.6.3",
|
|
26
|
+
"@atproto/common": "^0.4.6"
|
|
26
27
|
},
|
|
27
28
|
"scripts": {
|
|
28
29
|
"test": "jest ",
|
package/src/index.ts
CHANGED
package/src/multibase.ts
CHANGED
package/src/p256/operations.ts
CHANGED
|
@@ -28,12 +28,8 @@ export const verifySig = async (
|
|
|
28
28
|
): Promise<boolean> => {
|
|
29
29
|
const allowMalleable = opts?.allowMalleableSig ?? false
|
|
30
30
|
const msgHash = await sha256(data)
|
|
31
|
-
// parse as compact sig to prevent signature malleability
|
|
32
|
-
// library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
|
|
33
|
-
if (!allowMalleable && !isCompactFormat(sig)) {
|
|
34
|
-
return false
|
|
35
|
-
}
|
|
36
31
|
return p256.verify(sig, msgHash, publicKey, {
|
|
32
|
+
format: allowMalleable ? undefined : 'compact', // prevent DER-encoded signatures
|
|
37
33
|
lowS: !allowMalleable,
|
|
38
34
|
})
|
|
39
35
|
}
|
|
@@ -28,12 +28,8 @@ export const verifySig = async (
|
|
|
28
28
|
): Promise<boolean> => {
|
|
29
29
|
const allowMalleable = opts?.allowMalleableSig ?? false
|
|
30
30
|
const msgHash = await sha256(data)
|
|
31
|
-
// parse as compact sig to prevent signature malleability
|
|
32
|
-
// library supports sigs in 2 different formats: https://github.com/paulmillr/noble-curves/issues/99
|
|
33
|
-
if (!allowMalleable && !isCompactFormat(sig)) {
|
|
34
|
-
return false
|
|
35
|
-
}
|
|
36
31
|
return k256.verify(sig, msgHash, publicKey, {
|
|
32
|
+
format: allowMalleable ? undefined : 'compact', // prevent DER-encoded signatures
|
|
37
33
|
lowS: !allowMalleable,
|
|
38
34
|
})
|
|
39
35
|
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"root":["./src/const.ts","./src/did.ts","./src/index.ts","./src/multibase.ts","./src/plugins.ts","./src/random.ts","./src/sha.ts","./src/types.ts","./src/utils.ts","./src/verify.ts","./src/p256/encoding.ts","./src/p256/keypair.ts","./src/p256/operations.ts","./src/p256/plugin.ts","./src/secp256k1/encoding.ts","./src/secp256k1/keypair.ts","./src/secp256k1/operations.ts","./src/secp256k1/plugin.ts"],"version":"5.6.3"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"root":["./tests/did.test.ts","./tests/key-compression.test.ts","./tests/keypairs.test.ts","./tests/random.test.ts","./tests/signatures.test.ts"],"version":"5.6.3"}
|