@atproto/repo 0.3.4 → 0.3.6

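--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -1,5 +1,21 @@
  # @atproto/repo
 
+ ## 0.3.6
+
+ ### Patch Changes
+
+ - Updated dependencies [[`3c0ef382`](https://github.com/bluesky-social/atproto/commit/3c0ef382c12a413cc971ae47ffb341236c545f60)]:
+ - @atproto/syntax@0.1.5
+ - @atproto/lexicon@0.3.1
+
+ ## 0.3.5
+
+ ### Patch Changes
+
+ - Updated dependencies [[`e1b5f253`](https://github.com/bluesky-social/atproto/commit/e1b5f2537a5ba4d8b951a741269b604856028ae5)]:
+ - @atproto/crypto@0.3.0
+ - @atproto/identity@0.3.2
+
  ## 0.3.4
 
  ### Patch Changes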
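--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -24545,11 +24545,23 @@ var verifyDidSig = async (did2, data, sig, opts) => {
  return verifySig(keyBytes, data, sig, opts);
  };
  var verifySig = async (publicKey, data, sig, opts) => {
+ const allowMalleable = opts?.allowMalleableSig ?? false;
  const msgHash = await sha2562(data);
+ if (!allowMalleable && !isCompactFormat(sig)) {
+ return false;
+ }
  return p256.verify(sig, msgHash, publicKey, {
- lowS: opts?.lowS ?? true
+ lowS: !allowMalleable
  });
  };
+ var isCompactFormat = (sig) => {
+ try {
+ const parsed = p256.Signature.fromCompact(sig);
+ return equals3(parsed.toCompactRawBytes(), sig);
+ } catch {
+ return false;
+ }
+ };
 
  // ../crypto/src/p256/plugin.ts
  var p256Plugin = {
@@ -24568,11 +24580,23 @@ var verifyDidSig2 = async (did2, data, sig, opts) => {
  return verifySig2(keyBytes, data, sig, opts);
  };
  var verifySig2 = async (publicKey, data, sig, opts) => {
+ const allowMalleable = opts?.allowMalleableSig ?? false;
  const msgHash = await sha2562(data);
+ if (!allowMalleable && !isCompactFormat2(sig)) {
+ return false;
+ }
  return secp256k1.verify(sig, msgHash, publicKey, {
- lowS: opts?.lowS ?? true
+ lowS: !allowMalleable
  });
  };
+ var isCompactFormat2 = (sig) => {
+ try {
+ const parsed = secp256k1.Signature.fromCompact(sig);
+ return equals3(parsed.toCompactRawBytes(), sig);
+ } catch {
+ return false;
+ }
+ };
 
  // ../crypto/src/secp256k1/plugin.ts
  var secp256k1Plugin = {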
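Review bot: In `verifySig` (and identically in `verifySig2` in the second hunk) the old `opts.lowS` option is no longer read, and the single new flag `allowMalleableSig` turns off both the low-S requirement and the compact-encoding round-trip check. A caller still passing `{ lowS: false }` now fails closed, which is the safe direction. A caller that sets `allowMalleableSig: true` only to tolerate high-S signatures also accepts any non-compact encoding the curve library's `verify` understands (presumably DER, to be confirmed against the library). I would state that on both functions, e.g. `// allowMalleableSig disables BOTH the low-S rule and the compact-encoding check; opts.lowS is ignored`, and cover it with tests for a high-S signature and a non-compact encoding, each with and without the flag. The `isCompactFormat` guard could also move above `await sha2562(data)` so malformed signatures are rejected before hashing; since this file is bundled output, the edits belong in the crypto package source it was built from.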