@dxos/crypto 0.6.12-staging.e11e696 → 0.6.13-main.041e8aa
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/browser/index.mjs +25 -6
- package/dist/lib/browser/index.mjs.map +3 -3
- package/dist/lib/browser/meta.json +1 -1
- package/dist/lib/node/index.cjs +26 -6
- package/dist/lib/node/index.cjs.map +3 -3
- package/dist/lib/node/meta.json +1 -1
- package/dist/lib/node-esm/index.mjs +25 -6
- package/dist/lib/node-esm/index.mjs.map +3 -3
- package/dist/lib/node-esm/meta.json +1 -1
- package/dist/types/src/verify.d.ts +8 -1
- package/dist/types/src/verify.d.ts.map +1 -1
- package/dist/types/src/verify.test.d.ts +5 -0
- package/dist/types/src/verify.test.d.ts.map +1 -0
- package/package.json +4 -4
- package/src/verify.test.ts +26 -0
- package/src/verify.ts +23 -12
|
@@ -97,23 +97,41 @@ import { verify as verify2 } from "#hypercore-crypto";
|
|
|
97
97
|
var getSignatureValidator = (publicKey) => (message, signature) => verify2(message, signature, PublicKey2.bufferize(publicKey));
|
|
98
98
|
|
|
99
99
|
// packages/common/crypto/src/verify.ts
|
|
100
|
-
var verifySignature = async (key, message, signature
|
|
100
|
+
var verifySignature = async (key, message, signature, algorithm = {
|
|
101
|
+
name: "ECDSA",
|
|
102
|
+
namedCurve: "P-256"
|
|
103
|
+
}) => {
|
|
101
104
|
let publicKey;
|
|
102
105
|
try {
|
|
103
|
-
publicKey = await subtleCrypto.importKey("raw", key.asUint8Array(),
|
|
104
|
-
name: "ECDSA",
|
|
105
|
-
namedCurve: "P-256"
|
|
106
|
-
}, true, [
|
|
106
|
+
publicKey = await subtleCrypto.importKey("raw", key.asUint8Array(), algorithm, true, [
|
|
107
107
|
"verify"
|
|
108
108
|
]);
|
|
109
109
|
} catch {
|
|
110
110
|
return false;
|
|
111
111
|
}
|
|
112
112
|
return subtleCrypto.verify({
|
|
113
|
-
name:
|
|
113
|
+
name: algorithm.name,
|
|
114
114
|
hash: "SHA-256"
|
|
115
115
|
}, publicKey, signature, message);
|
|
116
116
|
};
|
|
117
|
+
var ed25519Signature = async (secretKey, message) => {
|
|
118
|
+
const curve = "Ed25519";
|
|
119
|
+
const privateKeyJwk = {
|
|
120
|
+
kty: "OKP",
|
|
121
|
+
crv: curve,
|
|
122
|
+
x: Buffer.from(secretKey.subarray(32)).toString("base64url"),
|
|
123
|
+
d: Buffer.from(secretKey.subarray(0, 32)).toString("base64url")
|
|
124
|
+
};
|
|
125
|
+
const key = await subtleCrypto.importKey("jwk", privateKeyJwk, {
|
|
126
|
+
name: curve
|
|
127
|
+
}, true, [
|
|
128
|
+
"sign"
|
|
129
|
+
]);
|
|
130
|
+
return new Uint8Array(await subtleCrypto.sign({
|
|
131
|
+
name: curve,
|
|
132
|
+
hash: "SHA-256"
|
|
133
|
+
}, key, message));
|
|
134
|
+
};
|
|
117
135
|
|
|
118
136
|
// packages/common/crypto/src/uuid.ts
|
|
119
137
|
var randomUUID = () => {
|
|
@@ -124,6 +142,7 @@ export {
|
|
|
124
142
|
createId,
|
|
125
143
|
createKeyPair,
|
|
126
144
|
discoveryKey,
|
|
145
|
+
ed25519Signature,
|
|
127
146
|
getSignatureValidator,
|
|
128
147
|
randomBytes,
|
|
129
148
|
randomUUID,
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/keys.ts", "../../../src/browser/subtle.ts", "../../../src/validator.ts", "../../../src/verify.ts", "../../../src/uuid.ts"],
|
|
4
|
-
"sourcesContent": ["//\n// Copyright 2020 DXOS.org\n//\n\nimport { invariant } from '@dxos/invariant';\nimport { type KeyPair, PublicKey, type PublicKeyLike, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH } from '@dxos/keys';\n\nimport crypto from '#hypercore-crypto';\n\nexport const SIGNATURE_LENGTH = 64;\n\n/**\n * @deprecated\n */\n// TODO(burdon): Remove.\nexport const createId = (): string => PublicKey.stringify(randomBytes(32));\n\nexport const createKeyPair = (seed?: Buffer): KeyPair => {\n if (seed) {\n invariant(seed.length >= 32, 'Seedphrase too sort. Expecting length of 32.');\n return crypto.keyPair(seed.slice(0, 32));\n }\n\n // TODO(burdon): Enable seed for debugging.\n return crypto.keyPair();\n};\n\n// TODO(burdon): Buffer.\nexport const validateKeyPair = (publicKey: PublicKey, secretKey: Buffer) =>\n crypto.validateKeyPair({ publicKey: publicKey.asBuffer(), secretKey });\n\n// TODO(dmaretskyi): Slicing because webcrypto keys are too long.\nexport const discoveryKey = (key: PublicKeyLike): Buffer =>\n crypto.discoveryKey(PublicKey.from(key).asBuffer().slice(1));\n\n/**\n * Return random bytes of length.\n * @param [length=32]\n * @return {Buffer}\n */\nexport const randomBytes = (length = 32): Buffer => crypto.randomBytes(length);\n\n/**\n * Sign the contents of message with secret_key\n * @param {Buffer} message\n * @param {Buffer} secretKey\n * @returns {Buffer} signature\n */\nexport const sign = (message: Buffer, secretKey: Buffer): Buffer => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(secretKey) && secretKey.length === SECRET_KEY_LENGTH);\n\n return crypto.sign(message, secretKey);\n};\n\n/**\n * Verifies the signature against the message and public_key.\n * @param {Buffer} message\n * @param {Buffer} publicKey\n * @param {Buffer} signature\n * @return {boolean}\n */\nexport const verify = (message: Buffer, signature: Buffer, publicKey: Buffer): boolean => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(signature) && signature.length === SIGNATURE_LENGTH);\n invariant(Buffer.isBuffer(publicKey) && publicKey.length === PUBLIC_KEY_LENGTH);\n\n return crypto.verify(message, signature, publicKey);\n};\n", "//\n// Copyright 2022 DXOS.org\n//\n\n// Replacement implementation for the browser (see package.json).\n\nexport const subtleCrypto = crypto.subtle;\n\nexport const webcrypto = crypto;\n", "//\n// Copyright 2020 DXOS.org\n//\n\nimport { PublicKey } from '@dxos/keys';\n\nimport { verify } from '#hypercore-crypto';\n\n/**\n * Generator for signature validation function.\n * @param {String} publicKey\n */\nexport const getSignatureValidator = (publicKey: string) => (message: Buffer, signature: Buffer) =>\n verify(message, signature, PublicKey.bufferize(publicKey));\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport { type PublicKey } from '@dxos/keys';\n\nimport { subtleCrypto } from './subtle';\n\n/**\n * Verify a signature with the given key.\n */\nexport const verifySignature = async (key: PublicKey
|
|
5
|
-
"mappings": ";;;;;;;;;;AAIA,SAASA,iBAAiB;AAC1B,SAAuBC,WAA+BC,mBAAmBC,yBAAyB;AAElG,OAAOC,aAAY;;AAEZ,IAAMC,mBAAmB;AAMzB,IAAMC,WAAW,MAAcL,UAAUM,UAAUC,YAAY,EAAA,CAAA;AAE/D,IAAMC,gBAAgB,CAACC,SAAAA;AAC5B,MAAIA,MAAM;AACRV,cAAUU,KAAKC,UAAU,IAAI,gDAAA;;;;;;;;;AAC7B,WAAOP,QAAOQ,QAAQF,KAAKG,MAAM,GAAG,EAAA,CAAA;EACtC;AAGA,SAAOT,QAAOQ,QAAO;AACvB;AAGO,IAAME,kBAAkB,CAACC,WAAsBC,cACpDZ,QAAOU,gBAAgB;EAAEC,WAAWA,UAAUE,SAAQ;EAAID;AAAU,CAAA;AAG/D,IAAME,eAAe,CAACC,QAC3Bf,QAAOc,aAAajB,UAAUmB,KAAKD,GAAAA,EAAKF,SAAQ,EAAGJ,MAAM,CAAA,CAAA;AAOpD,IAAML,cAAc,CAACG,SAAS,OAAeP,QAAOI,YAAYG,MAAAA;AAQhE,IAAMU,OAAO,CAACC,SAAiBN,cAAAA;AACpChB,YAAUuB,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1BtB,YAAUuB,OAAOC,SAASR,SAAAA,KAAcA,UAAUL,WAAWR,mBAAAA,QAAAA;;;;;;;;;AAE7D,SAAOC,QAAOiB,KAAKC,SAASN,SAAAA;AAC9B;AASO,IAAMS,SAAS,CAACH,SAAiBI,WAAmBX,cAAAA;AACzDf,YAAUuB,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1BtB,YAAUuB,OAAOC,SAASE,SAAAA,KAAcA,UAAUf,WAAWN,kBAAAA,QAAAA;;;;;;;;;AAC7DL,YAAUuB,OAAOC,SAAST,SAAAA,KAAcA,UAAUJ,WAAWT,mBAAAA,QAAAA;;;;;;;;;AAE7D,SAAOE,QAAOqB,OAAOH,SAASI,WAAWX,SAAAA;AAC3C;;;AC9DO,IAAMY,eAAeC,OAAOC;AAE5B,IAAMC,YAAYF;;;ACJzB,SAASG,aAAAA,kBAAiB;AAE1B,SAASC,UAAAA,eAAc;AAMhB,IAAMC,wBAAwB,CAACC,cAAsB,CAACC,SAAiBC,cAC5EC,QAAOF,SAASC,WAAWE,WAAUC,UAAUL,SAAAA,CAAAA;;;ACF1C,IAAMM,kBAAkB,
|
|
6
|
-
"names": ["invariant", "PublicKey", "PUBLIC_KEY_LENGTH", "SECRET_KEY_LENGTH", "crypto", "SIGNATURE_LENGTH", "createId", "stringify", "randomBytes", "createKeyPair", "seed", "length", "keyPair", "slice", "validateKeyPair", "publicKey", "secretKey", "asBuffer", "discoveryKey", "key", "from", "sign", "message", "Buffer", "isBuffer", "verify", "signature", "subtleCrypto", "crypto", "subtle", "webcrypto", "PublicKey", "verify", "getSignatureValidator", "publicKey", "message", "signature", "verify", "PublicKey", "bufferize", "verifySignature", "key", "message", "signature", "publicKey", "subtleCrypto", "importKey", "asUint8Array", "
|
|
4
|
+
"sourcesContent": ["//\n// Copyright 2020 DXOS.org\n//\n\nimport { invariant } from '@dxos/invariant';\nimport { type KeyPair, PublicKey, type PublicKeyLike, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH } from '@dxos/keys';\n\nimport crypto from '#hypercore-crypto';\n\nexport const SIGNATURE_LENGTH = 64;\n\n/**\n * @deprecated\n */\n// TODO(burdon): Remove.\nexport const createId = (): string => PublicKey.stringify(randomBytes(32));\n\nexport const createKeyPair = (seed?: Buffer): KeyPair => {\n if (seed) {\n invariant(seed.length >= 32, 'Seedphrase too sort. Expecting length of 32.');\n return crypto.keyPair(seed.slice(0, 32));\n }\n\n // TODO(burdon): Enable seed for debugging.\n return crypto.keyPair();\n};\n\n// TODO(burdon): Buffer.\nexport const validateKeyPair = (publicKey: PublicKey, secretKey: Buffer) =>\n crypto.validateKeyPair({ publicKey: publicKey.asBuffer(), secretKey });\n\n// TODO(dmaretskyi): Slicing because webcrypto keys are too long.\nexport const discoveryKey = (key: PublicKeyLike): Buffer =>\n crypto.discoveryKey(PublicKey.from(key).asBuffer().slice(1));\n\n/**\n * Return random bytes of length.\n * @param [length=32]\n * @return {Buffer}\n */\nexport const randomBytes = (length = 32): Buffer => crypto.randomBytes(length);\n\n/**\n * Sign the contents of message with secret_key\n * @param {Buffer} message\n * @param {Buffer} secretKey\n * @returns {Buffer} signature\n */\nexport const sign = (message: Buffer, secretKey: Buffer): Buffer => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(secretKey) && secretKey.length === SECRET_KEY_LENGTH);\n\n return crypto.sign(message, secretKey);\n};\n\n/**\n * Verifies the signature against the message and public_key.\n * @param {Buffer} message\n * @param {Buffer} publicKey\n * @param {Buffer} signature\n * @return {boolean}\n */\nexport const verify = (message: Buffer, signature: Buffer, publicKey: Buffer): boolean => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(signature) && signature.length === SIGNATURE_LENGTH);\n invariant(Buffer.isBuffer(publicKey) && publicKey.length === PUBLIC_KEY_LENGTH);\n\n return crypto.verify(message, signature, publicKey);\n};\n", "//\n// Copyright 2022 DXOS.org\n//\n\n// Replacement implementation for the browser (see package.json).\n\nexport const subtleCrypto = crypto.subtle;\n\nexport const webcrypto = crypto;\n", "//\n// Copyright 2020 DXOS.org\n//\n\nimport { PublicKey } from '@dxos/keys';\n\nimport { verify } from '#hypercore-crypto';\n\n/**\n * Generator for signature validation function.\n * @param {String} publicKey\n */\nexport const getSignatureValidator = (publicKey: string) => (message: Buffer, signature: Buffer) =>\n verify(message, signature, PublicKey.bufferize(publicKey));\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport { type PublicKey } from '@dxos/keys';\n\nimport { subtleCrypto } from './subtle';\n\n/**\n * Verify a signature with the given key.\n */\nexport const verifySignature = async (\n key: PublicKey,\n message: Uint8Array,\n signature: Uint8Array,\n algorithm: { name: string; namedCurve?: string } = { name: 'ECDSA', namedCurve: 'P-256' },\n): Promise<boolean> => {\n let publicKey!: CryptoKey;\n\n try {\n publicKey = await subtleCrypto.importKey('raw', key.asUint8Array(), algorithm, true, ['verify']);\n } catch {\n return false;\n }\n\n return subtleCrypto.verify(\n {\n name: algorithm.name,\n hash: 'SHA-256',\n },\n publicKey,\n signature,\n message,\n );\n};\n\n/**\n * Creates an Ed25519 (libsodium keypair format) signature.\n */\nexport const ed25519Signature = async (secretKey: Uint8Array, message: Uint8Array): Promise<Uint8Array> => {\n const curve = 'Ed25519';\n const privateKeyJwk = {\n kty: 'OKP',\n crv: curve,\n x: Buffer.from(secretKey.subarray(32)).toString('base64url'),\n d: Buffer.from(secretKey.subarray(0, 32)).toString('base64url'),\n };\n const key = await subtleCrypto.importKey('jwk', privateKeyJwk, { name: curve }, true, ['sign']);\n return new Uint8Array(await subtleCrypto.sign({ name: curve, hash: 'SHA-256' }, key, message));\n};\n", "//\n// Copyright 2024 DXOS.org\n//\n\nimport { webcrypto } from './subtle';\n\nexport const randomUUID = (): string => {\n return webcrypto.randomUUID();\n};\n"],
|
|
5
|
+
"mappings": ";;;;;;;;;;AAIA,SAASA,iBAAiB;AAC1B,SAAuBC,WAA+BC,mBAAmBC,yBAAyB;AAElG,OAAOC,aAAY;;AAEZ,IAAMC,mBAAmB;AAMzB,IAAMC,WAAW,MAAcL,UAAUM,UAAUC,YAAY,EAAA,CAAA;AAE/D,IAAMC,gBAAgB,CAACC,SAAAA;AAC5B,MAAIA,MAAM;AACRV,cAAUU,KAAKC,UAAU,IAAI,gDAAA;;;;;;;;;AAC7B,WAAOP,QAAOQ,QAAQF,KAAKG,MAAM,GAAG,EAAA,CAAA;EACtC;AAGA,SAAOT,QAAOQ,QAAO;AACvB;AAGO,IAAME,kBAAkB,CAACC,WAAsBC,cACpDZ,QAAOU,gBAAgB;EAAEC,WAAWA,UAAUE,SAAQ;EAAID;AAAU,CAAA;AAG/D,IAAME,eAAe,CAACC,QAC3Bf,QAAOc,aAAajB,UAAUmB,KAAKD,GAAAA,EAAKF,SAAQ,EAAGJ,MAAM,CAAA,CAAA;AAOpD,IAAML,cAAc,CAACG,SAAS,OAAeP,QAAOI,YAAYG,MAAAA;AAQhE,IAAMU,OAAO,CAACC,SAAiBN,cAAAA;AACpChB,YAAUuB,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1BtB,YAAUuB,OAAOC,SAASR,SAAAA,KAAcA,UAAUL,WAAWR,mBAAAA,QAAAA;;;;;;;;;AAE7D,SAAOC,QAAOiB,KAAKC,SAASN,SAAAA;AAC9B;AASO,IAAMS,SAAS,CAACH,SAAiBI,WAAmBX,cAAAA;AACzDf,YAAUuB,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1BtB,YAAUuB,OAAOC,SAASE,SAAAA,KAAcA,UAAUf,WAAWN,kBAAAA,QAAAA;;;;;;;;;AAC7DL,YAAUuB,OAAOC,SAAST,SAAAA,KAAcA,UAAUJ,WAAWT,mBAAAA,QAAAA;;;;;;;;;AAE7D,SAAOE,QAAOqB,OAAOH,SAASI,WAAWX,SAAAA;AAC3C;;;AC9DO,IAAMY,eAAeC,OAAOC;AAE5B,IAAMC,YAAYF;;;ACJzB,SAASG,aAAAA,kBAAiB;AAE1B,SAASC,UAAAA,eAAc;AAMhB,IAAMC,wBAAwB,CAACC,cAAsB,CAACC,SAAiBC,cAC5EC,QAAOF,SAASC,WAAWE,WAAUC,UAAUL,SAAAA,CAAAA;;;ACF1C,IAAMM,kBAAkB,OAC7BC,KACAC,SACAC,WACAC,YAAmD;EAAEC,MAAM;EAASC,YAAY;AAAQ,MAAC;AAEzF,MAAIC;AAEJ,MAAI;AACFA,gBAAY,MAAMC,aAAaC,UAAU,OAAOR,IAAIS,aAAY,GAAIN,WAAW,MAAM;MAAC;KAAS;EACjG,QAAQ;AACN,WAAO;EACT;AAEA,SAAOI,aAAaG,OAClB;IACEN,MAAMD,UAAUC;IAChBO,MAAM;EACR,GACAL,WACAJ,WACAD,OAAAA;AAEJ;AAKO,IAAMW,mBAAmB,OAAOC,WAAuBZ,YAAAA;AAC5D,QAAMa,QAAQ;AACd,QAAMC,gBAAgB;IACpBC,KAAK;IACLC,KAAKH;IACLI,GAAGC,OAAOC,KAAKP,UAAUQ,SAAS,EAAA,CAAA,EAAKC,SAAS,WAAA;IAChDC,GAAGJ,OAAOC,KAAKP,UAAUQ,SAAS,GAAG,EAAA,CAAA,EAAKC,SAAS,WAAA;EACrD;AACA,QAAMtB,MAAM,MAAMO,aAAaC,UAAU,OAAOO,eAAe;IAAEX,MAAMU;EAAM,GAAG,MAAM;IAAC;GAAO;AAC9F,SAAO,IAAIU,WAAW,MAAMjB,aAAakB,KAAK;IAAErB,MAAMU;IAAOH,MAAM;EAAU,GAAGX,KAAKC,OAAAA,CAAAA;AACvF;;;AC3CO,IAAMyB,aAAa,MAAA;AACxB,SAAOC,UAAUD,WAAU;AAC7B;",
|
|
6
|
+
"names": ["invariant", "PublicKey", "PUBLIC_KEY_LENGTH", "SECRET_KEY_LENGTH", "crypto", "SIGNATURE_LENGTH", "createId", "stringify", "randomBytes", "createKeyPair", "seed", "length", "keyPair", "slice", "validateKeyPair", "publicKey", "secretKey", "asBuffer", "discoveryKey", "key", "from", "sign", "message", "Buffer", "isBuffer", "verify", "signature", "subtleCrypto", "crypto", "subtle", "webcrypto", "PublicKey", "verify", "getSignatureValidator", "publicKey", "message", "signature", "verify", "PublicKey", "bufferize", "verifySignature", "key", "message", "signature", "algorithm", "name", "namedCurve", "publicKey", "subtleCrypto", "importKey", "asUint8Array", "verify", "hash", "ed25519Signature", "secretKey", "curve", "privateKeyJwk", "kty", "crv", "x", "Buffer", "from", "subarray", "toString", "d", "Uint8Array", "sign", "randomUUID", "webcrypto"]
|
|
7
7
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"inputs":{"inject-globals:@inject-globals":{"bytes":324,"imports":[{"path":"@dxos/node-std/inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/keys.ts":{"bytes":8453,"imports":[{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true},{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/signer.ts":{"bytes":810,"imports":[{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/browser/subtle.ts":{"bytes":925,"imports":[{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/validator.ts":{"bytes":1519,"imports":[{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true},{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/verify.ts":{"bytes":
|
|
1
|
+
{"inputs":{"inject-globals:@inject-globals":{"bytes":324,"imports":[{"path":"@dxos/node-std/inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/keys.ts":{"bytes":8453,"imports":[{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true},{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/signer.ts":{"bytes":810,"imports":[{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/browser/subtle.ts":{"bytes":925,"imports":[{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/validator.ts":{"bytes":1519,"imports":[{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true},{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/verify.ts":{"bytes":4811,"imports":[{"path":"packages/common/crypto/src/browser/subtle.ts","kind":"import-statement","original":"./subtle"},{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/uuid.ts":{"bytes":821,"imports":[{"path":"packages/common/crypto/src/browser/subtle.ts","kind":"import-statement","original":"./subtle"},{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/index.ts":{"bytes":909,"imports":[{"path":"packages/common/crypto/src/keys.ts","kind":"import-statement","original":"./keys"},{"path":"packages/common/crypto/src/signer.ts","kind":"import-statement","original":"./signer"},{"path":"packages/common/crypto/src/browser/subtle.ts","kind":"import-statement","original":"./subtle"},{"path":"packages/common/crypto/src/validator.ts","kind":"import-statement","original":"./validator"},{"path":"packages/common/crypto/src/verify.ts","kind":"import-statement","original":"./verify"},{"path":"packages/common/crypto/src/uuid.ts","kind":"import-statement","original":"./uuid"},{"path":"@inject-globals","kind":"import-statement","external":true}],"format":"esm"}},"outputs":{"packages/common/crypto/dist/lib/browser/index.mjs.map":{"imports":[],"exports":[],"inputs":{},"bytes":7375},"packages/common/crypto/dist/lib/browser/index.mjs":{"imports":[{"path":"@dxos/node-std/inject-globals","kind":"import-statement","external":true},{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"exports":["SIGNATURE_LENGTH","createId","createKeyPair","discoveryKey","ed25519Signature","getSignatureValidator","randomBytes","randomUUID","sign","subtleCrypto","validateKeyPair","verify","verifySignature","webcrypto"],"entryPoint":"packages/common/crypto/src/index.ts","inputs":{"inject-globals:@inject-globals":{"bytesInOutput":79},"packages/common/crypto/src/keys.ts":{"bytesInOutput":2241},"packages/common/crypto/src/index.ts":{"bytesInOutput":0},"packages/common/crypto/src/browser/subtle.ts":{"bytesInOutput":58},"packages/common/crypto/src/validator.ts":{"bytesInOutput":238},"packages/common/crypto/src/verify.ts":{"bytesInOutput":908},"packages/common/crypto/src/uuid.ts":{"bytesInOutput":61}},"bytes":4135}}}
|
package/dist/lib/node/index.cjs
CHANGED
|
@@ -32,6 +32,7 @@ __export(node_exports, {
|
|
|
32
32
|
createId: () => createId,
|
|
33
33
|
createKeyPair: () => createKeyPair,
|
|
34
34
|
discoveryKey: () => discoveryKey,
|
|
35
|
+
ed25519Signature: () => ed25519Signature,
|
|
35
36
|
getSignatureValidator: () => getSignatureValidator,
|
|
36
37
|
randomBytes: () => randomBytes,
|
|
37
38
|
randomUUID: () => randomUUID,
|
|
@@ -127,23 +128,41 @@ var verify = (message, signature, publicKey) => {
|
|
|
127
128
|
var subtleCrypto = nodeCrypto.webcrypto.subtle;
|
|
128
129
|
var webcrypto2 = nodeCrypto.webcrypto;
|
|
129
130
|
var getSignatureValidator = (publicKey) => (message, signature) => (0, import_hypercore_crypto2.verify)(message, signature, import_keys2.PublicKey.bufferize(publicKey));
|
|
130
|
-
var verifySignature = async (key, message, signature
|
|
131
|
+
var verifySignature = async (key, message, signature, algorithm = {
|
|
132
|
+
name: "ECDSA",
|
|
133
|
+
namedCurve: "P-256"
|
|
134
|
+
}) => {
|
|
131
135
|
let publicKey;
|
|
132
136
|
try {
|
|
133
|
-
publicKey = await subtleCrypto.importKey("raw", key.asUint8Array(),
|
|
134
|
-
name: "ECDSA",
|
|
135
|
-
namedCurve: "P-256"
|
|
136
|
-
}, true, [
|
|
137
|
+
publicKey = await subtleCrypto.importKey("raw", key.asUint8Array(), algorithm, true, [
|
|
137
138
|
"verify"
|
|
138
139
|
]);
|
|
139
140
|
} catch {
|
|
140
141
|
return false;
|
|
141
142
|
}
|
|
142
143
|
return subtleCrypto.verify({
|
|
143
|
-
name:
|
|
144
|
+
name: algorithm.name,
|
|
144
145
|
hash: "SHA-256"
|
|
145
146
|
}, publicKey, signature, message);
|
|
146
147
|
};
|
|
148
|
+
var ed25519Signature = async (secretKey, message) => {
|
|
149
|
+
const curve = "Ed25519";
|
|
150
|
+
const privateKeyJwk = {
|
|
151
|
+
kty: "OKP",
|
|
152
|
+
crv: curve,
|
|
153
|
+
x: Buffer.from(secretKey.subarray(32)).toString("base64url"),
|
|
154
|
+
d: Buffer.from(secretKey.subarray(0, 32)).toString("base64url")
|
|
155
|
+
};
|
|
156
|
+
const key = await subtleCrypto.importKey("jwk", privateKeyJwk, {
|
|
157
|
+
name: curve
|
|
158
|
+
}, true, [
|
|
159
|
+
"sign"
|
|
160
|
+
]);
|
|
161
|
+
return new Uint8Array(await subtleCrypto.sign({
|
|
162
|
+
name: curve,
|
|
163
|
+
hash: "SHA-256"
|
|
164
|
+
}, key, message));
|
|
165
|
+
};
|
|
147
166
|
var randomUUID = () => {
|
|
148
167
|
return webcrypto2.randomUUID();
|
|
149
168
|
};
|
|
@@ -153,6 +172,7 @@ var randomUUID = () => {
|
|
|
153
172
|
createId,
|
|
154
173
|
createKeyPair,
|
|
155
174
|
discoveryKey,
|
|
175
|
+
ed25519Signature,
|
|
156
176
|
getSignatureValidator,
|
|
157
177
|
randomBytes,
|
|
158
178
|
randomUUID,
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/keys.ts", "../../../src/subtle.ts", "../../../src/validator.ts", "../../../src/verify.ts", "../../../src/uuid.ts"],
|
|
4
|
-
"sourcesContent": ["//\n// Copyright 2020 DXOS.org\n//\n\nimport { invariant } from '@dxos/invariant';\nimport { type KeyPair, PublicKey, type PublicKeyLike, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH } from '@dxos/keys';\n\nimport crypto from '#hypercore-crypto';\n\nexport const SIGNATURE_LENGTH = 64;\n\n/**\n * @deprecated\n */\n// TODO(burdon): Remove.\nexport const createId = (): string => PublicKey.stringify(randomBytes(32));\n\nexport const createKeyPair = (seed?: Buffer): KeyPair => {\n if (seed) {\n invariant(seed.length >= 32, 'Seedphrase too sort. Expecting length of 32.');\n return crypto.keyPair(seed.slice(0, 32));\n }\n\n // TODO(burdon): Enable seed for debugging.\n return crypto.keyPair();\n};\n\n// TODO(burdon): Buffer.\nexport const validateKeyPair = (publicKey: PublicKey, secretKey: Buffer) =>\n crypto.validateKeyPair({ publicKey: publicKey.asBuffer(), secretKey });\n\n// TODO(dmaretskyi): Slicing because webcrypto keys are too long.\nexport const discoveryKey = (key: PublicKeyLike): Buffer =>\n crypto.discoveryKey(PublicKey.from(key).asBuffer().slice(1));\n\n/**\n * Return random bytes of length.\n * @param [length=32]\n * @return {Buffer}\n */\nexport const randomBytes = (length = 32): Buffer => crypto.randomBytes(length);\n\n/**\n * Sign the contents of message with secret_key\n * @param {Buffer} message\n * @param {Buffer} secretKey\n * @returns {Buffer} signature\n */\nexport const sign = (message: Buffer, secretKey: Buffer): Buffer => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(secretKey) && secretKey.length === SECRET_KEY_LENGTH);\n\n return crypto.sign(message, secretKey);\n};\n\n/**\n * Verifies the signature against the message and public_key.\n * @param {Buffer} message\n * @param {Buffer} publicKey\n * @param {Buffer} signature\n * @return {boolean}\n */\nexport const verify = (message: Buffer, signature: Buffer, publicKey: Buffer): boolean => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(signature) && signature.length === SIGNATURE_LENGTH);\n invariant(Buffer.isBuffer(publicKey) && publicKey.length === PUBLIC_KEY_LENGTH);\n\n return crypto.verify(message, signature, publicKey);\n};\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport * as nodeCrypto from 'node:crypto';\n\nexport const subtleCrypto = nodeCrypto.webcrypto.subtle;\n\nexport const webcrypto = nodeCrypto.webcrypto;\n", "//\n// Copyright 2020 DXOS.org\n//\n\nimport { PublicKey } from '@dxos/keys';\n\nimport { verify } from '#hypercore-crypto';\n\n/**\n * Generator for signature validation function.\n * @param {String} publicKey\n */\nexport const getSignatureValidator = (publicKey: string) => (message: Buffer, signature: Buffer) =>\n verify(message, signature, PublicKey.bufferize(publicKey));\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport { type PublicKey } from '@dxos/keys';\n\nimport { subtleCrypto } from './subtle';\n\n/**\n * Verify a signature with the given key.\n */\nexport const verifySignature = async (key: PublicKey
|
|
5
|
-
"mappings": "
|
|
6
|
-
"names": ["import_keys", "import_hypercore_crypto", "SIGNATURE_LENGTH", "createId", "PublicKey", "stringify", "randomBytes", "createKeyPair", "seed", "invariant", "length", "crypto", "keyPair", "slice", "validateKeyPair", "publicKey", "secretKey", "asBuffer", "discoveryKey", "key", "from", "sign", "message", "Buffer", "isBuffer", "SECRET_KEY_LENGTH", "verify", "signature", "PUBLIC_KEY_LENGTH", "subtleCrypto", "webcrypto", "subtle", "getSignatureValidator", "bufferize", "verifySignature", "importKey", "asUint8Array", "
|
|
4
|
+
"sourcesContent": ["//\n// Copyright 2020 DXOS.org\n//\n\nimport { invariant } from '@dxos/invariant';\nimport { type KeyPair, PublicKey, type PublicKeyLike, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH } from '@dxos/keys';\n\nimport crypto from '#hypercore-crypto';\n\nexport const SIGNATURE_LENGTH = 64;\n\n/**\n * @deprecated\n */\n// TODO(burdon): Remove.\nexport const createId = (): string => PublicKey.stringify(randomBytes(32));\n\nexport const createKeyPair = (seed?: Buffer): KeyPair => {\n if (seed) {\n invariant(seed.length >= 32, 'Seedphrase too sort. Expecting length of 32.');\n return crypto.keyPair(seed.slice(0, 32));\n }\n\n // TODO(burdon): Enable seed for debugging.\n return crypto.keyPair();\n};\n\n// TODO(burdon): Buffer.\nexport const validateKeyPair = (publicKey: PublicKey, secretKey: Buffer) =>\n crypto.validateKeyPair({ publicKey: publicKey.asBuffer(), secretKey });\n\n// TODO(dmaretskyi): Slicing because webcrypto keys are too long.\nexport const discoveryKey = (key: PublicKeyLike): Buffer =>\n crypto.discoveryKey(PublicKey.from(key).asBuffer().slice(1));\n\n/**\n * Return random bytes of length.\n * @param [length=32]\n * @return {Buffer}\n */\nexport const randomBytes = (length = 32): Buffer => crypto.randomBytes(length);\n\n/**\n * Sign the contents of message with secret_key\n * @param {Buffer} message\n * @param {Buffer} secretKey\n * @returns {Buffer} signature\n */\nexport const sign = (message: Buffer, secretKey: Buffer): Buffer => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(secretKey) && secretKey.length === SECRET_KEY_LENGTH);\n\n return crypto.sign(message, secretKey);\n};\n\n/**\n * Verifies the signature against the message and public_key.\n * @param {Buffer} message\n * @param {Buffer} publicKey\n * @param {Buffer} signature\n * @return {boolean}\n */\nexport const verify = (message: Buffer, signature: Buffer, publicKey: Buffer): boolean => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(signature) && signature.length === SIGNATURE_LENGTH);\n invariant(Buffer.isBuffer(publicKey) && publicKey.length === PUBLIC_KEY_LENGTH);\n\n return crypto.verify(message, signature, publicKey);\n};\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport * as nodeCrypto from 'node:crypto';\n\nexport const subtleCrypto = nodeCrypto.webcrypto.subtle;\n\nexport const webcrypto = nodeCrypto.webcrypto;\n", "//\n// Copyright 2020 DXOS.org\n//\n\nimport { PublicKey } from '@dxos/keys';\n\nimport { verify } from '#hypercore-crypto';\n\n/**\n * Generator for signature validation function.\n * @param {String} publicKey\n */\nexport const getSignatureValidator = (publicKey: string) => (message: Buffer, signature: Buffer) =>\n verify(message, signature, PublicKey.bufferize(publicKey));\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport { type PublicKey } from '@dxos/keys';\n\nimport { subtleCrypto } from './subtle';\n\n/**\n * Verify a signature with the given key.\n */\nexport const verifySignature = async (\n key: PublicKey,\n message: Uint8Array,\n signature: Uint8Array,\n algorithm: { name: string; namedCurve?: string } = { name: 'ECDSA', namedCurve: 'P-256' },\n): Promise<boolean> => {\n let publicKey!: CryptoKey;\n\n try {\n publicKey = await subtleCrypto.importKey('raw', key.asUint8Array(), algorithm, true, ['verify']);\n } catch {\n return false;\n }\n\n return subtleCrypto.verify(\n {\n name: algorithm.name,\n hash: 'SHA-256',\n },\n publicKey,\n signature,\n message,\n );\n};\n\n/**\n * Creates an Ed25519 (libsodium keypair format) signature.\n */\nexport const ed25519Signature = async (secretKey: Uint8Array, message: Uint8Array): Promise<Uint8Array> => {\n const curve = 'Ed25519';\n const privateKeyJwk = {\n kty: 'OKP',\n crv: curve,\n x: Buffer.from(secretKey.subarray(32)).toString('base64url'),\n d: Buffer.from(secretKey.subarray(0, 32)).toString('base64url'),\n };\n const key = await subtleCrypto.importKey('jwk', privateKeyJwk, { name: curve }, true, ['sign']);\n return new Uint8Array(await subtleCrypto.sign({ name: curve, hash: 'SHA-256' }, key, message));\n};\n", "//\n// Copyright 2024 DXOS.org\n//\n\nimport { webcrypto } from './subtle';\n\nexport const randomUUID = (): string => {\n return webcrypto.randomUUID();\n};\n"],
|
|
5
|
+
"mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAIA,uBAA0B;AAC1B,kBAAkG;AAElG,8BAAmB;ACHnB,iBAA4B;ACA5B,IAAAA,eAA0B;AAE1B,IAAAC,2BAAuB;;AFGhB,IAAMC,mBAAmB;AAMzB,IAAMC,WAAW,MAAcC,sBAAUC,UAAUC,YAAY,EAAA,CAAA;AAE/D,IAAMC,gBAAgB,CAACC,SAAAA;AAC5B,MAAIA,MAAM;AACRC,oCAAUD,KAAKE,UAAU,IAAI,gDAAA;;;;;;;;;AAC7B,WAAOC,wBAAAA,QAAOC,QAAQJ,KAAKK,MAAM,GAAG,EAAA,CAAA;EACtC;AAGA,SAAOF,wBAAAA,QAAOC,QAAO;AACvB;AAGO,IAAME,kBAAkB,CAACC,WAAsBC,cACpDL,wBAAAA,QAAOG,gBAAgB;EAAEC,WAAWA,UAAUE,SAAQ;EAAID;AAAU,CAAA;AAG/D,IAAME,eAAe,CAACC,QAC3BR,wBAAAA,QAAOO,aAAad,sBAAUgB,KAAKD,GAAAA,EAAKF,SAAQ,EAAGJ,MAAM,CAAA,CAAA;AAOpD,IAAMP,cAAc,CAACI,SAAS,OAAeC,wBAAAA,QAAOL,YAAYI,MAAAA;AAQhE,IAAMW,OAAO,CAACC,SAAiBN,cAAAA;AACpCP,kCAAUc,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1Bb,kCAAUc,OAAOC,SAASR,SAAAA,KAAcA,UAAUN,WAAWe,+BAAAA,QAAAA;;;;;;;;;AAE7D,SAAOd,wBAAAA,QAAOU,KAAKC,SAASN,SAAAA;AAC9B;AASO,IAAMU,SAAS,CAACJ,SAAiBK,WAAmBZ,cAAAA;AACzDN,kCAAUc,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1Bb,kCAAUc,OAAOC,SAASG,SAAAA,KAAcA,UAAUjB,WAAWR,kBAAAA,QAAAA;;;;;;;;;AAC7DO,kCAAUc,OAAOC,SAAST,SAAAA,KAAcA,UAAUL,WAAWkB,+BAAAA,QAAAA;;;;;;;;;AAE7D,SAAOjB,wBAAAA,QAAOe,OAAOJ,SAASK,WAAWZ,SAAAA;AAC3C;AC9DO,IAAMc,eAA0BC,WAAAA,UAAUC;AAE1C,IAAMD,aAAuBA,WAAAA;ACI7B,IAAME,wBAAwB,CAACjB,cAAsB,CAACO,SAAiBK,kBAC5ED,yBAAAA,QAAOJ,SAASK,WAAWvB,aAAAA,UAAU6B,UAAUlB,SAAAA,CAAAA;ACF1C,IAAMmB,kBAAkB,OAC7Bf,KACAG,SACAK,WACAQ,YAAmD;EAAEC,MAAM;EAASC,YAAY;AAAQ,MAAC;AAEzF,MAAItB;AAEJ,MAAI;AACFA,gBAAY,MAAMc,aAAaS,UAAU,OAAOnB,IAAIoB,aAAY,GAAIJ,WAAW,MAAM;MAAC;KAAS;EACjG,QAAQ;AACN,WAAO;EACT;AAEA,SAAON,aAAaH,OAClB;IACEU,MAAMD,UAAUC;IAChBI,MAAM;EACR,GACAzB,WACAY,WACAL,OAAAA;AAEJ;AAKO,IAAMmB,mBAAmB,OAAOzB,WAAuBM,YAAAA;AAC5D,QAAMoB,QAAQ;AACd,QAAMC,gBAAgB;IACpBC,KAAK;IACLC,KAAKH;IACLI,GAAGvB,OAAOH,KAAKJ,UAAU+B,SAAS,EAAA,CAAA,EAAKC,SAAS,WAAA;IAChDC,GAAG1B,OAAOH,KAAKJ,UAAU+B,SAAS,GAAG,EAAA,CAAA,EAAKC,SAAS,WAAA;EACrD;AACA,QAAM7B,MAAM,MAAMU,aAAaS,UAAU,OAAOK,eAAe;IAAEP,MAAMM;EAAM,GAAG,MAAM;IAAC;GAAO;AAC9F,SAAO,IAAIQ,WAAW,MAAMrB,aAAaR,KAAK;IAAEe,MAAMM;IAAOF,MAAM;EAAU,GAAGrB,KAAKG,OAAAA,CAAAA;AACvF;AC3CO,IAAM6B,aAAa,MAAA;AACxB,SAAOrB,WAAUqB,WAAU;AAC7B;",
|
|
6
|
+
"names": ["import_keys", "import_hypercore_crypto", "SIGNATURE_LENGTH", "createId", "PublicKey", "stringify", "randomBytes", "createKeyPair", "seed", "invariant", "length", "crypto", "keyPair", "slice", "validateKeyPair", "publicKey", "secretKey", "asBuffer", "discoveryKey", "key", "from", "sign", "message", "Buffer", "isBuffer", "SECRET_KEY_LENGTH", "verify", "signature", "PUBLIC_KEY_LENGTH", "subtleCrypto", "webcrypto", "subtle", "getSignatureValidator", "bufferize", "verifySignature", "algorithm", "name", "namedCurve", "importKey", "asUint8Array", "hash", "ed25519Signature", "curve", "privateKeyJwk", "kty", "crv", "x", "subarray", "toString", "d", "Uint8Array", "randomUUID"]
|
|
7
7
|
}
|
package/dist/lib/node/meta.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"inputs":{"packages/common/crypto/src/keys.ts":{"bytes":8453,"imports":[{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/signer.ts":{"bytes":810,"imports":[],"format":"esm"},"packages/common/crypto/src/subtle.ts":{"bytes":978,"imports":[{"path":"node:crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/validator.ts":{"bytes":1519,"imports":[{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/verify.ts":{"bytes":
|
|
1
|
+
{"inputs":{"packages/common/crypto/src/keys.ts":{"bytes":8453,"imports":[{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/signer.ts":{"bytes":810,"imports":[],"format":"esm"},"packages/common/crypto/src/subtle.ts":{"bytes":978,"imports":[{"path":"node:crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/validator.ts":{"bytes":1519,"imports":[{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/verify.ts":{"bytes":4811,"imports":[{"path":"packages/common/crypto/src/subtle.ts","kind":"import-statement","original":"./subtle"}],"format":"esm"},"packages/common/crypto/src/uuid.ts":{"bytes":821,"imports":[{"path":"packages/common/crypto/src/subtle.ts","kind":"import-statement","original":"./subtle"}],"format":"esm"},"packages/common/crypto/src/index.ts":{"bytes":909,"imports":[{"path":"packages/common/crypto/src/keys.ts","kind":"import-statement","original":"./keys"},{"path":"packages/common/crypto/src/signer.ts","kind":"import-statement","original":"./signer"},{"path":"packages/common/crypto/src/subtle.ts","kind":"import-statement","original":"./subtle"},{"path":"packages/common/crypto/src/validator.ts","kind":"import-statement","original":"./validator"},{"path":"packages/common/crypto/src/verify.ts","kind":"import-statement","original":"./verify"},{"path":"packages/common/crypto/src/uuid.ts","kind":"import-statement","original":"./uuid"}],"format":"esm"}},"outputs":{"packages/common/crypto/dist/lib/node/index.cjs.map":{"imports":[],"exports":[],"inputs":{},"bytes":7389},"packages/common/crypto/dist/lib/node/index.cjs":{"imports":[{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true},{"path":"node:crypto","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"exports":["SIGNATURE_LENGTH","createId","createKeyPair","discoveryKey","ed25519Signature","getSignatureValidator","randomBytes","randomUUID","sign","subtleCrypto","validateKeyPair","verify","verifySignature","webcrypto"],"entryPoint":"packages/common/crypto/src/index.ts","inputs":{"packages/common/crypto/src/keys.ts":{"bytesInOutput":2233},"packages/common/crypto/src/index.ts":{"bytesInOutput":0},"packages/common/crypto/src/subtle.ts":{"bytesInOutput":130},"packages/common/crypto/src/validator.ts":{"bytesInOutput":238},"packages/common/crypto/src/verify.ts":{"bytesInOutput":908},"packages/common/crypto/src/uuid.ts":{"bytesInOutput":62}},"bytes":4058}}}
|
|
@@ -91,23 +91,41 @@ import { verify as verify2 } from "#hypercore-crypto";
|
|
|
91
91
|
var getSignatureValidator = (publicKey) => (message, signature) => verify2(message, signature, PublicKey2.bufferize(publicKey));
|
|
92
92
|
|
|
93
93
|
// packages/common/crypto/src/verify.ts
|
|
94
|
-
var verifySignature = async (key, message, signature
|
|
94
|
+
var verifySignature = async (key, message, signature, algorithm = {
|
|
95
|
+
name: "ECDSA",
|
|
96
|
+
namedCurve: "P-256"
|
|
97
|
+
}) => {
|
|
95
98
|
let publicKey;
|
|
96
99
|
try {
|
|
97
|
-
publicKey = await subtleCrypto.importKey("raw", key.asUint8Array(),
|
|
98
|
-
name: "ECDSA",
|
|
99
|
-
namedCurve: "P-256"
|
|
100
|
-
}, true, [
|
|
100
|
+
publicKey = await subtleCrypto.importKey("raw", key.asUint8Array(), algorithm, true, [
|
|
101
101
|
"verify"
|
|
102
102
|
]);
|
|
103
103
|
} catch {
|
|
104
104
|
return false;
|
|
105
105
|
}
|
|
106
106
|
return subtleCrypto.verify({
|
|
107
|
-
name:
|
|
107
|
+
name: algorithm.name,
|
|
108
108
|
hash: "SHA-256"
|
|
109
109
|
}, publicKey, signature, message);
|
|
110
110
|
};
|
|
111
|
+
var ed25519Signature = async (secretKey, message) => {
|
|
112
|
+
const curve = "Ed25519";
|
|
113
|
+
const privateKeyJwk = {
|
|
114
|
+
kty: "OKP",
|
|
115
|
+
crv: curve,
|
|
116
|
+
x: Buffer.from(secretKey.subarray(32)).toString("base64url"),
|
|
117
|
+
d: Buffer.from(secretKey.subarray(0, 32)).toString("base64url")
|
|
118
|
+
};
|
|
119
|
+
const key = await subtleCrypto.importKey("jwk", privateKeyJwk, {
|
|
120
|
+
name: curve
|
|
121
|
+
}, true, [
|
|
122
|
+
"sign"
|
|
123
|
+
]);
|
|
124
|
+
return new Uint8Array(await subtleCrypto.sign({
|
|
125
|
+
name: curve,
|
|
126
|
+
hash: "SHA-256"
|
|
127
|
+
}, key, message));
|
|
128
|
+
};
|
|
111
129
|
|
|
112
130
|
// packages/common/crypto/src/uuid.ts
|
|
113
131
|
var randomUUID = () => {
|
|
@@ -118,6 +136,7 @@ export {
|
|
|
118
136
|
createId,
|
|
119
137
|
createKeyPair,
|
|
120
138
|
discoveryKey,
|
|
139
|
+
ed25519Signature,
|
|
121
140
|
getSignatureValidator,
|
|
122
141
|
randomBytes,
|
|
123
142
|
randomUUID,
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/keys.ts", "../../../src/subtle.ts", "../../../src/validator.ts", "../../../src/verify.ts", "../../../src/uuid.ts"],
|
|
4
|
-
"sourcesContent": ["//\n// Copyright 2020 DXOS.org\n//\n\nimport { invariant } from '@dxos/invariant';\nimport { type KeyPair, PublicKey, type PublicKeyLike, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH } from '@dxos/keys';\n\nimport crypto from '#hypercore-crypto';\n\nexport const SIGNATURE_LENGTH = 64;\n\n/**\n * @deprecated\n */\n// TODO(burdon): Remove.\nexport const createId = (): string => PublicKey.stringify(randomBytes(32));\n\nexport const createKeyPair = (seed?: Buffer): KeyPair => {\n if (seed) {\n invariant(seed.length >= 32, 'Seedphrase too sort. Expecting length of 32.');\n return crypto.keyPair(seed.slice(0, 32));\n }\n\n // TODO(burdon): Enable seed for debugging.\n return crypto.keyPair();\n};\n\n// TODO(burdon): Buffer.\nexport const validateKeyPair = (publicKey: PublicKey, secretKey: Buffer) =>\n crypto.validateKeyPair({ publicKey: publicKey.asBuffer(), secretKey });\n\n// TODO(dmaretskyi): Slicing because webcrypto keys are too long.\nexport const discoveryKey = (key: PublicKeyLike): Buffer =>\n crypto.discoveryKey(PublicKey.from(key).asBuffer().slice(1));\n\n/**\n * Return random bytes of length.\n * @param [length=32]\n * @return {Buffer}\n */\nexport const randomBytes = (length = 32): Buffer => crypto.randomBytes(length);\n\n/**\n * Sign the contents of message with secret_key\n * @param {Buffer} message\n * @param {Buffer} secretKey\n * @returns {Buffer} signature\n */\nexport const sign = (message: Buffer, secretKey: Buffer): Buffer => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(secretKey) && secretKey.length === SECRET_KEY_LENGTH);\n\n return crypto.sign(message, secretKey);\n};\n\n/**\n * Verifies the signature against the message and public_key.\n * @param {Buffer} message\n * @param {Buffer} publicKey\n * @param {Buffer} signature\n * @return {boolean}\n */\nexport const verify = (message: Buffer, signature: Buffer, publicKey: Buffer): boolean => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(signature) && signature.length === SIGNATURE_LENGTH);\n invariant(Buffer.isBuffer(publicKey) && publicKey.length === PUBLIC_KEY_LENGTH);\n\n return crypto.verify(message, signature, publicKey);\n};\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport * as nodeCrypto from 'node:crypto';\n\nexport const subtleCrypto = nodeCrypto.webcrypto.subtle;\n\nexport const webcrypto = nodeCrypto.webcrypto;\n", "//\n// Copyright 2020 DXOS.org\n//\n\nimport { PublicKey } from '@dxos/keys';\n\nimport { verify } from '#hypercore-crypto';\n\n/**\n * Generator for signature validation function.\n * @param {String} publicKey\n */\nexport const getSignatureValidator = (publicKey: string) => (message: Buffer, signature: Buffer) =>\n verify(message, signature, PublicKey.bufferize(publicKey));\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport { type PublicKey } from '@dxos/keys';\n\nimport { subtleCrypto } from './subtle';\n\n/**\n * Verify a signature with the given key.\n */\nexport const verifySignature = async (key: PublicKey
|
|
5
|
-
"mappings": ";;;AAIA,SAASA,iBAAiB;AAC1B,SAAuBC,WAA+BC,mBAAmBC,yBAAyB;AAElG,OAAOC,YAAY;;AAEZ,IAAMC,mBAAmB;AAMzB,IAAMC,WAAW,MAAcL,UAAUM,UAAUC,YAAY,EAAA,CAAA;AAE/D,IAAMC,gBAAgB,CAACC,SAAAA;AAC5B,MAAIA,MAAM;AACRV,cAAUU,KAAKC,UAAU,IAAI,gDAAA;;;;;;;;;AAC7B,WAAOP,OAAOQ,QAAQF,KAAKG,MAAM,GAAG,EAAA,CAAA;EACtC;AAGA,SAAOT,OAAOQ,QAAO;AACvB;AAGO,IAAME,kBAAkB,CAACC,WAAsBC,cACpDZ,OAAOU,gBAAgB;EAAEC,WAAWA,UAAUE,SAAQ;EAAID;AAAU,CAAA;AAG/D,IAAME,eAAe,CAACC,QAC3Bf,OAAOc,aAAajB,UAAUmB,KAAKD,GAAAA,EAAKF,SAAQ,EAAGJ,MAAM,CAAA,CAAA;AAOpD,IAAML,cAAc,CAACG,SAAS,OAAeP,OAAOI,YAAYG,MAAAA;AAQhE,IAAMU,OAAO,CAACC,SAAiBN,cAAAA;AACpChB,YAAUuB,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1BtB,YAAUuB,OAAOC,SAASR,SAAAA,KAAcA,UAAUL,WAAWR,mBAAAA,QAAAA;;;;;;;;;AAE7D,SAAOC,OAAOiB,KAAKC,SAASN,SAAAA;AAC9B;AASO,IAAMS,SAAS,CAACH,SAAiBI,WAAmBX,cAAAA;AACzDf,YAAUuB,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1BtB,YAAUuB,OAAOC,SAASE,SAAAA,KAAcA,UAAUf,WAAWN,kBAAAA,QAAAA;;;;;;;;;AAC7DL,YAAUuB,OAAOC,SAAST,SAAAA,KAAcA,UAAUJ,WAAWT,mBAAAA,QAAAA;;;;;;;;;AAE7D,SAAOE,OAAOqB,OAAOH,SAASI,WAAWX,SAAAA;AAC3C;;;AChEA,YAAYY,gBAAgB;AAErB,IAAMC,eAA0BC,qBAAUC;AAE1C,IAAMD,aAAuBA;;;ACJpC,SAASE,aAAAA,kBAAiB;AAE1B,SAASC,UAAAA,eAAc;AAMhB,IAAMC,wBAAwB,CAACC,cAAsB,CAACC,SAAiBC,cAC5EC,QAAOF,SAASC,WAAWE,WAAUC,UAAUL,SAAAA,CAAAA;;;ACF1C,IAAMM,kBAAkB,
|
|
6
|
-
"names": ["invariant", "PublicKey", "PUBLIC_KEY_LENGTH", "SECRET_KEY_LENGTH", "crypto", "SIGNATURE_LENGTH", "createId", "stringify", "randomBytes", "createKeyPair", "seed", "length", "keyPair", "slice", "validateKeyPair", "publicKey", "secretKey", "asBuffer", "discoveryKey", "key", "from", "sign", "message", "Buffer", "isBuffer", "verify", "signature", "nodeCrypto", "subtleCrypto", "webcrypto", "subtle", "PublicKey", "verify", "getSignatureValidator", "publicKey", "message", "signature", "verify", "PublicKey", "bufferize", "verifySignature", "key", "message", "signature", "publicKey", "subtleCrypto", "importKey", "asUint8Array", "
|
|
4
|
+
"sourcesContent": ["//\n// Copyright 2020 DXOS.org\n//\n\nimport { invariant } from '@dxos/invariant';\nimport { type KeyPair, PublicKey, type PublicKeyLike, PUBLIC_KEY_LENGTH, SECRET_KEY_LENGTH } from '@dxos/keys';\n\nimport crypto from '#hypercore-crypto';\n\nexport const SIGNATURE_LENGTH = 64;\n\n/**\n * @deprecated\n */\n// TODO(burdon): Remove.\nexport const createId = (): string => PublicKey.stringify(randomBytes(32));\n\nexport const createKeyPair = (seed?: Buffer): KeyPair => {\n if (seed) {\n invariant(seed.length >= 32, 'Seedphrase too sort. Expecting length of 32.');\n return crypto.keyPair(seed.slice(0, 32));\n }\n\n // TODO(burdon): Enable seed for debugging.\n return crypto.keyPair();\n};\n\n// TODO(burdon): Buffer.\nexport const validateKeyPair = (publicKey: PublicKey, secretKey: Buffer) =>\n crypto.validateKeyPair({ publicKey: publicKey.asBuffer(), secretKey });\n\n// TODO(dmaretskyi): Slicing because webcrypto keys are too long.\nexport const discoveryKey = (key: PublicKeyLike): Buffer =>\n crypto.discoveryKey(PublicKey.from(key).asBuffer().slice(1));\n\n/**\n * Return random bytes of length.\n * @param [length=32]\n * @return {Buffer}\n */\nexport const randomBytes = (length = 32): Buffer => crypto.randomBytes(length);\n\n/**\n * Sign the contents of message with secret_key\n * @param {Buffer} message\n * @param {Buffer} secretKey\n * @returns {Buffer} signature\n */\nexport const sign = (message: Buffer, secretKey: Buffer): Buffer => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(secretKey) && secretKey.length === SECRET_KEY_LENGTH);\n\n return crypto.sign(message, secretKey);\n};\n\n/**\n * Verifies the signature against the message and public_key.\n * @param {Buffer} message\n * @param {Buffer} publicKey\n * @param {Buffer} signature\n * @return {boolean}\n */\nexport const verify = (message: Buffer, signature: Buffer, publicKey: Buffer): boolean => {\n invariant(Buffer.isBuffer(message));\n invariant(Buffer.isBuffer(signature) && signature.length === SIGNATURE_LENGTH);\n invariant(Buffer.isBuffer(publicKey) && publicKey.length === PUBLIC_KEY_LENGTH);\n\n return crypto.verify(message, signature, publicKey);\n};\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport * as nodeCrypto from 'node:crypto';\n\nexport const subtleCrypto = nodeCrypto.webcrypto.subtle;\n\nexport const webcrypto = nodeCrypto.webcrypto;\n", "//\n// Copyright 2020 DXOS.org\n//\n\nimport { PublicKey } from '@dxos/keys';\n\nimport { verify } from '#hypercore-crypto';\n\n/**\n * Generator for signature validation function.\n * @param {String} publicKey\n */\nexport const getSignatureValidator = (publicKey: string) => (message: Buffer, signature: Buffer) =>\n verify(message, signature, PublicKey.bufferize(publicKey));\n", "//\n// Copyright 2022 DXOS.org\n//\n\nimport { type PublicKey } from '@dxos/keys';\n\nimport { subtleCrypto } from './subtle';\n\n/**\n * Verify a signature with the given key.\n */\nexport const verifySignature = async (\n key: PublicKey,\n message: Uint8Array,\n signature: Uint8Array,\n algorithm: { name: string; namedCurve?: string } = { name: 'ECDSA', namedCurve: 'P-256' },\n): Promise<boolean> => {\n let publicKey!: CryptoKey;\n\n try {\n publicKey = await subtleCrypto.importKey('raw', key.asUint8Array(), algorithm, true, ['verify']);\n } catch {\n return false;\n }\n\n return subtleCrypto.verify(\n {\n name: algorithm.name,\n hash: 'SHA-256',\n },\n publicKey,\n signature,\n message,\n );\n};\n\n/**\n * Creates an Ed25519 (libsodium keypair format) signature.\n */\nexport const ed25519Signature = async (secretKey: Uint8Array, message: Uint8Array): Promise<Uint8Array> => {\n const curve = 'Ed25519';\n const privateKeyJwk = {\n kty: 'OKP',\n crv: curve,\n x: Buffer.from(secretKey.subarray(32)).toString('base64url'),\n d: Buffer.from(secretKey.subarray(0, 32)).toString('base64url'),\n };\n const key = await subtleCrypto.importKey('jwk', privateKeyJwk, { name: curve }, true, ['sign']);\n return new Uint8Array(await subtleCrypto.sign({ name: curve, hash: 'SHA-256' }, key, message));\n};\n", "//\n// Copyright 2024 DXOS.org\n//\n\nimport { webcrypto } from './subtle';\n\nexport const randomUUID = (): string => {\n return webcrypto.randomUUID();\n};\n"],
|
|
5
|
+
"mappings": ";;;AAIA,SAASA,iBAAiB;AAC1B,SAAuBC,WAA+BC,mBAAmBC,yBAAyB;AAElG,OAAOC,YAAY;;AAEZ,IAAMC,mBAAmB;AAMzB,IAAMC,WAAW,MAAcL,UAAUM,UAAUC,YAAY,EAAA,CAAA;AAE/D,IAAMC,gBAAgB,CAACC,SAAAA;AAC5B,MAAIA,MAAM;AACRV,cAAUU,KAAKC,UAAU,IAAI,gDAAA;;;;;;;;;AAC7B,WAAOP,OAAOQ,QAAQF,KAAKG,MAAM,GAAG,EAAA,CAAA;EACtC;AAGA,SAAOT,OAAOQ,QAAO;AACvB;AAGO,IAAME,kBAAkB,CAACC,WAAsBC,cACpDZ,OAAOU,gBAAgB;EAAEC,WAAWA,UAAUE,SAAQ;EAAID;AAAU,CAAA;AAG/D,IAAME,eAAe,CAACC,QAC3Bf,OAAOc,aAAajB,UAAUmB,KAAKD,GAAAA,EAAKF,SAAQ,EAAGJ,MAAM,CAAA,CAAA;AAOpD,IAAML,cAAc,CAACG,SAAS,OAAeP,OAAOI,YAAYG,MAAAA;AAQhE,IAAMU,OAAO,CAACC,SAAiBN,cAAAA;AACpChB,YAAUuB,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1BtB,YAAUuB,OAAOC,SAASR,SAAAA,KAAcA,UAAUL,WAAWR,mBAAAA,QAAAA;;;;;;;;;AAE7D,SAAOC,OAAOiB,KAAKC,SAASN,SAAAA;AAC9B;AASO,IAAMS,SAAS,CAACH,SAAiBI,WAAmBX,cAAAA;AACzDf,YAAUuB,OAAOC,SAASF,OAAAA,GAAAA,QAAAA;;;;;;;;;AAC1BtB,YAAUuB,OAAOC,SAASE,SAAAA,KAAcA,UAAUf,WAAWN,kBAAAA,QAAAA;;;;;;;;;AAC7DL,YAAUuB,OAAOC,SAAST,SAAAA,KAAcA,UAAUJ,WAAWT,mBAAAA,QAAAA;;;;;;;;;AAE7D,SAAOE,OAAOqB,OAAOH,SAASI,WAAWX,SAAAA;AAC3C;;;AChEA,YAAYY,gBAAgB;AAErB,IAAMC,eAA0BC,qBAAUC;AAE1C,IAAMD,aAAuBA;;;ACJpC,SAASE,aAAAA,kBAAiB;AAE1B,SAASC,UAAAA,eAAc;AAMhB,IAAMC,wBAAwB,CAACC,cAAsB,CAACC,SAAiBC,cAC5EC,QAAOF,SAASC,WAAWE,WAAUC,UAAUL,SAAAA,CAAAA;;;ACF1C,IAAMM,kBAAkB,OAC7BC,KACAC,SACAC,WACAC,YAAmD;EAAEC,MAAM;EAASC,YAAY;AAAQ,MAAC;AAEzF,MAAIC;AAEJ,MAAI;AACFA,gBAAY,MAAMC,aAAaC,UAAU,OAAOR,IAAIS,aAAY,GAAIN,WAAW,MAAM;MAAC;KAAS;EACjG,QAAQ;AACN,WAAO;EACT;AAEA,SAAOI,aAAaG,OAClB;IACEN,MAAMD,UAAUC;IAChBO,MAAM;EACR,GACAL,WACAJ,WACAD,OAAAA;AAEJ;AAKO,IAAMW,mBAAmB,OAAOC,WAAuBZ,YAAAA;AAC5D,QAAMa,QAAQ;AACd,QAAMC,gBAAgB;IACpBC,KAAK;IACLC,KAAKH;IACLI,GAAGC,OAAOC,KAAKP,UAAUQ,SAAS,EAAA,CAAA,EAAKC,SAAS,WAAA;IAChDC,GAAGJ,OAAOC,KAAKP,UAAUQ,SAAS,GAAG,EAAA,CAAA,EAAKC,SAAS,WAAA;EACrD;AACA,QAAMtB,MAAM,MAAMO,aAAaC,UAAU,OAAOO,eAAe;IAAEX,MAAMU;EAAM,GAAG,MAAM;IAAC;GAAO;AAC9F,SAAO,IAAIU,WAAW,MAAMjB,aAAakB,KAAK;IAAErB,MAAMU;IAAOH,MAAM;EAAU,GAAGX,KAAKC,OAAAA,CAAAA;AACvF;;;AC3CO,IAAMyB,aAAa,MAAA;AACxB,SAAOC,WAAUD,WAAU;AAC7B;",
|
|
6
|
+
"names": ["invariant", "PublicKey", "PUBLIC_KEY_LENGTH", "SECRET_KEY_LENGTH", "crypto", "SIGNATURE_LENGTH", "createId", "stringify", "randomBytes", "createKeyPair", "seed", "length", "keyPair", "slice", "validateKeyPair", "publicKey", "secretKey", "asBuffer", "discoveryKey", "key", "from", "sign", "message", "Buffer", "isBuffer", "verify", "signature", "nodeCrypto", "subtleCrypto", "webcrypto", "subtle", "PublicKey", "verify", "getSignatureValidator", "publicKey", "message", "signature", "verify", "PublicKey", "bufferize", "verifySignature", "key", "message", "signature", "algorithm", "name", "namedCurve", "publicKey", "subtleCrypto", "importKey", "asUint8Array", "verify", "hash", "ed25519Signature", "secretKey", "curve", "privateKeyJwk", "kty", "crv", "x", "Buffer", "from", "subarray", "toString", "d", "Uint8Array", "sign", "randomUUID", "webcrypto"]
|
|
7
7
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"inputs":{"packages/common/crypto/src/keys.ts":{"bytes":8453,"imports":[{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/signer.ts":{"bytes":810,"imports":[],"format":"esm"},"packages/common/crypto/src/subtle.ts":{"bytes":978,"imports":[{"path":"node:crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/validator.ts":{"bytes":1519,"imports":[{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/verify.ts":{"bytes":
|
|
1
|
+
{"inputs":{"packages/common/crypto/src/keys.ts":{"bytes":8453,"imports":[{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/signer.ts":{"bytes":810,"imports":[],"format":"esm"},"packages/common/crypto/src/subtle.ts":{"bytes":978,"imports":[{"path":"node:crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/validator.ts":{"bytes":1519,"imports":[{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"format":"esm"},"packages/common/crypto/src/verify.ts":{"bytes":4811,"imports":[{"path":"packages/common/crypto/src/subtle.ts","kind":"import-statement","original":"./subtle"}],"format":"esm"},"packages/common/crypto/src/uuid.ts":{"bytes":821,"imports":[{"path":"packages/common/crypto/src/subtle.ts","kind":"import-statement","original":"./subtle"}],"format":"esm"},"packages/common/crypto/src/index.ts":{"bytes":909,"imports":[{"path":"packages/common/crypto/src/keys.ts","kind":"import-statement","original":"./keys"},{"path":"packages/common/crypto/src/signer.ts","kind":"import-statement","original":"./signer"},{"path":"packages/common/crypto/src/subtle.ts","kind":"import-statement","original":"./subtle"},{"path":"packages/common/crypto/src/validator.ts","kind":"import-statement","original":"./validator"},{"path":"packages/common/crypto/src/verify.ts","kind":"import-statement","original":"./verify"},{"path":"packages/common/crypto/src/uuid.ts","kind":"import-statement","original":"./uuid"}],"format":"esm"}},"outputs":{"packages/common/crypto/dist/lib/node-esm/index.mjs.map":{"imports":[],"exports":[],"inputs":{},"bytes":7391},"packages/common/crypto/dist/lib/node-esm/index.mjs":{"imports":[{"path":"@dxos/invariant","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true},{"path":"node:crypto","kind":"import-statement","external":true},{"path":"@dxos/keys","kind":"import-statement","external":true},{"path":"#hypercore-crypto","kind":"import-statement","external":true}],"exports":["SIGNATURE_LENGTH","createId","createKeyPair","discoveryKey","ed25519Signature","getSignatureValidator","randomBytes","randomUUID","sign","subtleCrypto","validateKeyPair","verify","verifySignature","webcrypto"],"entryPoint":"packages/common/crypto/src/index.ts","inputs":{"packages/common/crypto/src/keys.ts":{"bytesInOutput":2233},"packages/common/crypto/src/index.ts":{"bytesInOutput":0},"packages/common/crypto/src/subtle.ts":{"bytesInOutput":130},"packages/common/crypto/src/validator.ts":{"bytesInOutput":238},"packages/common/crypto/src/verify.ts":{"bytesInOutput":908},"packages/common/crypto/src/uuid.ts":{"bytesInOutput":62}},"bytes":4151}}}
|
|
@@ -2,5 +2,12 @@ import { type PublicKey } from '@dxos/keys';
|
|
|
2
2
|
/**
|
|
3
3
|
* Verify a signature with the given key.
|
|
4
4
|
*/
|
|
5
|
-
export declare const verifySignature: (key: PublicKey, message: Uint8Array, signature: Uint8Array
|
|
5
|
+
export declare const verifySignature: (key: PublicKey, message: Uint8Array, signature: Uint8Array, algorithm?: {
|
|
6
|
+
name: string;
|
|
7
|
+
namedCurve?: string;
|
|
8
|
+
}) => Promise<boolean>;
|
|
9
|
+
/**
|
|
10
|
+
* Creates an Ed25519 (libsodium keypair format) signature.
|
|
11
|
+
*/
|
|
12
|
+
export declare const ed25519Signature: (secretKey: Uint8Array, message: Uint8Array) => Promise<Uint8Array>;
|
|
6
13
|
//# sourceMappingURL=verify.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../../src/verify.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,KAAK,SAAS,EAAE,MAAM,YAAY,CAAC;AAI5C;;GAEG;AACH,eAAO,MAAM,eAAe,
|
|
1
|
+
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../../src/verify.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,KAAK,SAAS,EAAE,MAAM,YAAY,CAAC;AAI5C;;GAEG;AACH,eAAO,MAAM,eAAe,QACrB,SAAS,WACL,UAAU,aACR,UAAU,cACV;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,UAAU,CAAC,EAAE,MAAM,CAAA;CAAE,KAC/C,OAAO,CAAC,OAAO,CAkBjB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,gBAAgB,cAAqB,UAAU,WAAW,UAAU,KAAG,OAAO,CAAC,UAAU,CAUrG,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify.test.d.ts","sourceRoot":"","sources":["../../../src/verify.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dxos/crypto",
|
|
3
|
-
"version": "0.6.
|
|
3
|
+
"version": "0.6.13-main.041e8aa",
|
|
4
4
|
"description": "Basic cross-platform crypto utils.",
|
|
5
5
|
"homepage": "https://dxos.org",
|
|
6
6
|
"bugs": "https://github.com/dxos/dxos/issues",
|
|
@@ -36,9 +36,9 @@
|
|
|
36
36
|
],
|
|
37
37
|
"dependencies": {
|
|
38
38
|
"hypercore-crypto": "^2.3.0",
|
|
39
|
-
"@dxos/invariant": "0.6.
|
|
40
|
-
"@dxos/keys": "0.6.
|
|
41
|
-
"@dxos/node-std": "0.6.
|
|
39
|
+
"@dxos/invariant": "0.6.13-main.041e8aa",
|
|
40
|
+
"@dxos/keys": "0.6.13-main.041e8aa",
|
|
41
|
+
"@dxos/node-std": "0.6.13-main.041e8aa"
|
|
42
42
|
},
|
|
43
43
|
"devDependencies": {
|
|
44
44
|
"@types/node": "^22.7.4"
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Verify a signature with the given key.
|
|
3
|
+
*/
|
|
4
|
+
//
|
|
5
|
+
// Copyright 2024 DXOS.org
|
|
6
|
+
//
|
|
7
|
+
|
|
8
|
+
import { describe, expect, test } from 'vitest';
|
|
9
|
+
|
|
10
|
+
import { PublicKey } from '@dxos/keys';
|
|
11
|
+
|
|
12
|
+
import { createKeyPair } from './keys';
|
|
13
|
+
import { ed25519Signature, verifySignature } from './verify';
|
|
14
|
+
|
|
15
|
+
describe('verify', () => {
|
|
16
|
+
test('keypair conversion', async () => {
|
|
17
|
+
const keypair = createKeyPair();
|
|
18
|
+
const message = Buffer.from('hello');
|
|
19
|
+
const signature = await ed25519Signature(keypair.secretKey, message);
|
|
20
|
+
expect(
|
|
21
|
+
await verifySignature(PublicKey.from(keypair.publicKey), message, signature, {
|
|
22
|
+
name: 'Ed25519',
|
|
23
|
+
}),
|
|
24
|
+
).toBeTruthy();
|
|
25
|
+
});
|
|
26
|
+
});
|
package/src/verify.ts
CHANGED
|
@@ -9,27 +9,23 @@ import { subtleCrypto } from './subtle';
|
|
|
9
9
|
/**
|
|
10
10
|
* Verify a signature with the given key.
|
|
11
11
|
*/
|
|
12
|
-
export const verifySignature = async (
|
|
12
|
+
export const verifySignature = async (
|
|
13
|
+
key: PublicKey,
|
|
14
|
+
message: Uint8Array,
|
|
15
|
+
signature: Uint8Array,
|
|
16
|
+
algorithm: { name: string; namedCurve?: string } = { name: 'ECDSA', namedCurve: 'P-256' },
|
|
17
|
+
): Promise<boolean> => {
|
|
13
18
|
let publicKey!: CryptoKey;
|
|
14
19
|
|
|
15
20
|
try {
|
|
16
|
-
publicKey = await subtleCrypto.importKey(
|
|
17
|
-
'raw',
|
|
18
|
-
key.asUint8Array(),
|
|
19
|
-
{
|
|
20
|
-
name: 'ECDSA',
|
|
21
|
-
namedCurve: 'P-256',
|
|
22
|
-
},
|
|
23
|
-
true,
|
|
24
|
-
['verify'],
|
|
25
|
-
);
|
|
21
|
+
publicKey = await subtleCrypto.importKey('raw', key.asUint8Array(), algorithm, true, ['verify']);
|
|
26
22
|
} catch {
|
|
27
23
|
return false;
|
|
28
24
|
}
|
|
29
25
|
|
|
30
26
|
return subtleCrypto.verify(
|
|
31
27
|
{
|
|
32
|
-
name:
|
|
28
|
+
name: algorithm.name,
|
|
33
29
|
hash: 'SHA-256',
|
|
34
30
|
},
|
|
35
31
|
publicKey,
|
|
@@ -37,3 +33,18 @@ export const verifySignature = async (key: PublicKey, message: Uint8Array, signa
|
|
|
37
33
|
message,
|
|
38
34
|
);
|
|
39
35
|
};
|
|
36
|
+
|
|
37
|
+
/**
|
|
38
|
+
* Creates an Ed25519 (libsodium keypair format) signature.
|
|
39
|
+
*/
|
|
40
|
+
export const ed25519Signature = async (secretKey: Uint8Array, message: Uint8Array): Promise<Uint8Array> => {
|
|
41
|
+
const curve = 'Ed25519';
|
|
42
|
+
const privateKeyJwk = {
|
|
43
|
+
kty: 'OKP',
|
|
44
|
+
crv: curve,
|
|
45
|
+
x: Buffer.from(secretKey.subarray(32)).toString('base64url'),
|
|
46
|
+
d: Buffer.from(secretKey.subarray(0, 32)).toString('base64url'),
|
|
47
|
+
};
|
|
48
|
+
const key = await subtleCrypto.importKey('jwk', privateKeyJwk, { name: curve }, true, ['sign']);
|
|
49
|
+
return new Uint8Array(await subtleCrypto.sign({ name: curve, hash: 'SHA-256' }, key, message));
|
|
50
|
+
};
|