@atproto/identity 0.3.1 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,12 @@
1
1
  # @atproto/identity
2
2
 
3
+ ## 0.3.2
4
+
5
+ ### Patch Changes
6
+
7
+ - Updated dependencies [[`e1b5f253`](https://github.com/bluesky-social/atproto/commit/e1b5f2537a5ba4d8b951a741269b604856028ae5)]:
8
+ - @atproto/crypto@0.3.0
9
+
3
10
  ## 0.3.1
4
11
 
5
12
  ### Patch Changes
package/dist/index.js CHANGED
@@ -24184,11 +24184,23 @@ var verifyDidSig = async (did, data, sig, opts) => {
24184
24184
  return verifySig(keyBytes, data, sig, opts);
24185
24185
  };
24186
24186
  var verifySig = async (publicKey, data, sig, opts) => {
24187
+ const allowMalleable = opts?.allowMalleableSig ?? false;
24187
24188
  const msgHash = await sha2562(data);
24189
+ if (!allowMalleable && !isCompactFormat(sig)) {
24190
+ return false;
24191
+ }
24188
24192
  return p256.verify(sig, msgHash, publicKey, {
24189
- lowS: opts?.lowS ?? true
24193
+ lowS: !allowMalleable
24190
24194
  });
24191
24195
  };
24196
+ var isCompactFormat = (sig) => {
24197
+ try {
24198
+ const parsed = p256.Signature.fromCompact(sig);
24199
+ return equals(parsed.toCompactRawBytes(), sig);
24200
+ } catch {
24201
+ return false;
24202
+ }
24203
+ };
24192
24204
 
24193
24205
  // ../crypto/src/p256/plugin.ts
24194
24206
  var p256Plugin = {
@@ -24207,11 +24219,23 @@ var verifyDidSig2 = async (did, data, sig, opts) => {
24207
24219
  return verifySig2(keyBytes, data, sig, opts);
24208
24220
  };
24209
24221
  var verifySig2 = async (publicKey, data, sig, opts) => {
24222
+ const allowMalleable = opts?.allowMalleableSig ?? false;
24210
24223
  const msgHash = await sha2562(data);
24224
+ if (!allowMalleable && !isCompactFormat2(sig)) {
24225
+ return false;
24226
+ }
24211
24227
  return secp256k1.verify(sig, msgHash, publicKey, {
24212
- lowS: opts?.lowS ?? true
24228
+ lowS: !allowMalleable
24213
24229
  });
24214
24230
  };
24231
+ var isCompactFormat2 = (sig) => {
24232
+ try {
24233
+ const parsed = secp256k1.Signature.fromCompact(sig);
24234
+ return equals(parsed.toCompactRawBytes(), sig);
24235
+ } catch {
24236
+ return false;
24237
+ }
24238
+ };
24215
24239
 
24216
24240
  // ../crypto/src/secp256k1/plugin.ts
24217
24241
  var secp256k1Plugin = {