@atproto/identity 0.3.1 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/dist/index.js +26 -2
- package/dist/index.js.map +2 -2
- package/package.json +2 -2
package/CHANGELOG.md
CHANGED
package/dist/index.js
CHANGED
|
@@ -24184,11 +24184,23 @@ var verifyDidSig = async (did, data, sig, opts) => {
|
|
|
24184
24184
|
return verifySig(keyBytes, data, sig, opts);
|
|
24185
24185
|
};
|
|
24186
24186
|
var verifySig = async (publicKey, data, sig, opts) => {
|
|
24187
|
+
const allowMalleable = opts?.allowMalleableSig ?? false;
|
|
24187
24188
|
const msgHash = await sha2562(data);
|
|
24189
|
+
if (!allowMalleable && !isCompactFormat(sig)) {
|
|
24190
|
+
return false;
|
|
24191
|
+
}
|
|
24188
24192
|
return p256.verify(sig, msgHash, publicKey, {
|
|
24189
|
-
lowS:
|
|
24193
|
+
lowS: !allowMalleable
|
|
24190
24194
|
});
|
|
24191
24195
|
};
|
|
24196
|
+
var isCompactFormat = (sig) => {
|
|
24197
|
+
try {
|
|
24198
|
+
const parsed = p256.Signature.fromCompact(sig);
|
|
24199
|
+
return equals(parsed.toCompactRawBytes(), sig);
|
|
24200
|
+
} catch {
|
|
24201
|
+
return false;
|
|
24202
|
+
}
|
|
24203
|
+
};
|
|
24192
24204
|
|
|
24193
24205
|
// ../crypto/src/p256/plugin.ts
|
|
24194
24206
|
var p256Plugin = {
|
|
@@ -24207,11 +24219,23 @@ var verifyDidSig2 = async (did, data, sig, opts) => {
|
|
|
24207
24219
|
return verifySig2(keyBytes, data, sig, opts);
|
|
24208
24220
|
};
|
|
24209
24221
|
var verifySig2 = async (publicKey, data, sig, opts) => {
|
|
24222
|
+
const allowMalleable = opts?.allowMalleableSig ?? false;
|
|
24210
24223
|
const msgHash = await sha2562(data);
|
|
24224
|
+
if (!allowMalleable && !isCompactFormat2(sig)) {
|
|
24225
|
+
return false;
|
|
24226
|
+
}
|
|
24211
24227
|
return secp256k1.verify(sig, msgHash, publicKey, {
|
|
24212
|
-
lowS:
|
|
24228
|
+
lowS: !allowMalleable
|
|
24213
24229
|
});
|
|
24214
24230
|
};
|
|
24231
|
+
var isCompactFormat2 = (sig) => {
|
|
24232
|
+
try {
|
|
24233
|
+
const parsed = secp256k1.Signature.fromCompact(sig);
|
|
24234
|
+
return equals(parsed.toCompactRawBytes(), sig);
|
|
24235
|
+
} catch {
|
|
24236
|
+
return false;
|
|
24237
|
+
}
|
|
24238
|
+
};
|
|
24215
24239
|
|
|
24216
24240
|
// ../crypto/src/secp256k1/plugin.ts
|
|
24217
24241
|
var secp256k1Plugin = {
|