@koralabs/kora-labs-common 6.7.9 → 6.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/handles/utils.js +2 -25
- package/index.d.ts +0 -1
- package/index.js +3 -1
- package/package.json +2 -2
- package/utils/index.d.ts +0 -1
- package/utils/index.js +3 -1
- package/utils/cip8/index.d.ts +0 -29
- package/utils/cip8/index.js +0 -154
package/handles/utils.js
CHANGED
|
@@ -1,30 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
-
if (mod && mod.__esModule) return mod;
|
|
20
|
-
var result = {};
|
|
21
|
-
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
-
__setModuleDefault(result, mod);
|
|
23
|
-
return result;
|
|
24
|
-
};
|
|
25
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
3
|
exports.buildDrep = exports.checkHandlePattern = exports.buildMetadata = exports.buildNumericModifiers = exports.buildCharacters = exports.getRarity = void 0;
|
|
27
|
-
const
|
|
4
|
+
const js_md5_1 = require("js-md5");
|
|
28
5
|
const constants_1 = require("../constants");
|
|
29
6
|
const utils_1 = require("../utils");
|
|
30
7
|
const constants_2 = require("./constants");
|
|
@@ -128,7 +105,7 @@ const buildDrep = (address, id_hash) => {
|
|
|
128
105
|
const decoded = (_a = (0, utils_1.decodeAddress)(address)) === null || _a === void 0 ? void 0 : _a.slice(2, 58);
|
|
129
106
|
if (!decoded || decoded == '')
|
|
130
107
|
return undefined;
|
|
131
|
-
const hashed =
|
|
108
|
+
const hashed = (0, js_md5_1.md5)(Buffer.from(decoded, 'hex'));
|
|
132
109
|
if (!id_hash.startsWith(hashed))
|
|
133
110
|
return undefined;
|
|
134
111
|
const typeByte = id_hash.slice(32, 34);
|
package/index.d.ts
CHANGED
package/index.js
CHANGED
|
@@ -16,7 +16,9 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
17
|
exports.ProtectedWords = exports.Logger = exports.LogCategory = exports.Environment = exports.ComputeEnvironment = void 0;
|
|
18
18
|
__exportStar(require("./constants"), exports);
|
|
19
|
-
|
|
19
|
+
// NOTE: './aws' (KMS + JWT signing) is intentionally NOT re-exported here — it pulls Node-only
|
|
20
|
+
// deps (@aws-sdk/client-kms, node:crypto) that break browser bundles. It is server-only; import it
|
|
21
|
+
// directly from the subpath: `@koralabs/kora-labs-common/aws`. This keeps the root index isomorphic.
|
|
20
22
|
var environment_1 = require("./environment");
|
|
21
23
|
Object.defineProperty(exports, "ComputeEnvironment", { enumerable: true, get: function () { return environment_1.ComputeEnvironment; } });
|
|
22
24
|
Object.defineProperty(exports, "Environment", { enumerable: true, get: function () { return environment_1.Environment; } });
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@koralabs/kora-labs-common",
|
|
3
|
-
"version": "6.
|
|
3
|
+
"version": "6.8.0",
|
|
4
4
|
"description": "Kora Labs Common Utilities",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"types": "index.d.ts",
|
|
@@ -40,13 +40,13 @@
|
|
|
40
40
|
},
|
|
41
41
|
"dependencies": {
|
|
42
42
|
"@aws-sdk/client-kms": "^3.1003.0",
|
|
43
|
-
"@emurgo/cardano-message-signing-nodejs": "^1.0.1",
|
|
44
43
|
"bech32": "^2.0.0",
|
|
45
44
|
"blakejs": "^1.2.1",
|
|
46
45
|
"boolean": "^3.2.0",
|
|
47
46
|
"bs58": "^6.0.0",
|
|
48
47
|
"cbor": "^9.0.2",
|
|
49
48
|
"crc": "^4.3.2",
|
|
49
|
+
"js-md5": "^0.8.3",
|
|
50
50
|
"libsodium-wrappers-sumo": "^0.8.3",
|
|
51
51
|
"pluralize-esm": "^9.0.5"
|
|
52
52
|
},
|
package/utils/index.d.ts
CHANGED
|
@@ -30,5 +30,4 @@ export declare const isUserIssueTrackingId: (value: unknown) => value is string;
|
|
|
30
30
|
export declare const normalizeUserIssueEventSegment: (value: string) => string;
|
|
31
31
|
export declare const buildUserIssueEventKey: (repo: string, flow: string, pathOrFunction: string, step: string) => string;
|
|
32
32
|
export { decodeCborToJson, encodeJsonToDatum, DefaultTextFormat as KeyType } from './cbor';
|
|
33
|
-
export * from './cip8';
|
|
34
33
|
export * from './crypto';
|
package/utils/index.js
CHANGED
|
@@ -199,5 +199,7 @@ var cbor_1 = require("./cbor");
|
|
|
199
199
|
Object.defineProperty(exports, "decodeCborToJson", { enumerable: true, get: function () { return cbor_1.decodeCborToJson; } });
|
|
200
200
|
Object.defineProperty(exports, "encodeJsonToDatum", { enumerable: true, get: function () { return cbor_1.encodeJsonToDatum; } });
|
|
201
201
|
Object.defineProperty(exports, "KeyType", { enumerable: true, get: function () { return cbor_1.DefaultTextFormat; } });
|
|
202
|
-
|
|
202
|
+
// NOTE: './cip8' (CIP-30 signData via @emurgo/cardano-message-signing-nodejs WASM + node:crypto)
|
|
203
|
+
// was removed from kora-labs-common — its only consumer was auth.handle.me, which now owns it. It
|
|
204
|
+
// is a heavy Node-only signer that should never reach an isomorphic package's surface.
|
|
203
205
|
__exportStar(require("./crypto"), exports);
|
package/utils/cip8/index.d.ts
DELETED
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Produce a CIP-30 signData (CIP-8) signature.
|
|
3
|
-
*
|
|
4
|
-
* Builds COSE_Sign1 and COSE_Key structures that verifyCip30SignData can verify.
|
|
5
|
-
*
|
|
6
|
-
* @param privateKeyHex - raw Ed25519 private key (32 bytes hex)
|
|
7
|
-
* @param publicKeyHex - raw Ed25519 public key (32 bytes hex)
|
|
8
|
-
* @param payloadHex - hex of the payload to sign (e.g. UTF-8 bytes of requestId + handle)
|
|
9
|
-
* @param addressHex - hex of the signing address (included in COSE protected headers)
|
|
10
|
-
* @returns { signature: string, key: string } — COSESign1 and COSEKey as CBOR hex
|
|
11
|
-
*/
|
|
12
|
-
export declare const signCip30Data: (privateKeyHex: string, publicKeyHex: string, payloadHex: string, addressHex: string, signFn?: ((messageHex: string) => string) | undefined) => Promise<{
|
|
13
|
-
signature: string;
|
|
14
|
-
key: string;
|
|
15
|
-
}>;
|
|
16
|
-
/**
|
|
17
|
-
* Verify a CIP-30 signData (CIP-8) signature.
|
|
18
|
-
*
|
|
19
|
-
* Parses the COSE structures produced by the wallet, reconstructs the
|
|
20
|
-
* SigStructure using the library (not manual CBOR), and verifies the
|
|
21
|
-
* Ed25519 signature with Node.js crypto.
|
|
22
|
-
*
|
|
23
|
-
* @param signatureCborHex - COSESign1 CBOR hex from wallet signData response
|
|
24
|
-
* @param publicKeyCborHex - COSEKey CBOR hex from wallet signData response
|
|
25
|
-
* @param expectedPayloadHex - hex of the expected signed payload (e.g. requestId + handle as UTF-8 bytes)
|
|
26
|
-
* @param expectedAddressHex - hex of the expected signing address (must match the address in the COSE protected headers)
|
|
27
|
-
* @returns true if the signature is valid
|
|
28
|
-
*/
|
|
29
|
-
export declare const verifyCip30SignData: (signatureCborHex: string, publicKeyCborHex: string, expectedPayloadHex: string, expectedAddressHex: string) => Promise<boolean>;
|
package/utils/cip8/index.js
DELETED
|
@@ -1,154 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
-
if (mod && mod.__esModule) return mod;
|
|
20
|
-
var result = {};
|
|
21
|
-
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
-
__setModuleDefault(result, mod);
|
|
23
|
-
return result;
|
|
24
|
-
};
|
|
25
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
-
exports.verifyCip30SignData = exports.signCip30Data = void 0;
|
|
27
|
-
const crypto_1 = require("crypto");
|
|
28
|
-
let _cms;
|
|
29
|
-
const getCms = async () => {
|
|
30
|
-
if (!_cms) {
|
|
31
|
-
_cms = await Promise.resolve().then(() => __importStar(require('@emurgo/cardano-message-signing-nodejs')));
|
|
32
|
-
}
|
|
33
|
-
return _cms;
|
|
34
|
-
};
|
|
35
|
-
/**
|
|
36
|
-
* Produce a CIP-30 signData (CIP-8) signature.
|
|
37
|
-
*
|
|
38
|
-
* Builds COSE_Sign1 and COSE_Key structures that verifyCip30SignData can verify.
|
|
39
|
-
*
|
|
40
|
-
* @param privateKeyHex - raw Ed25519 private key (32 bytes hex)
|
|
41
|
-
* @param publicKeyHex - raw Ed25519 public key (32 bytes hex)
|
|
42
|
-
* @param payloadHex - hex of the payload to sign (e.g. UTF-8 bytes of requestId + handle)
|
|
43
|
-
* @param addressHex - hex of the signing address (included in COSE protected headers)
|
|
44
|
-
* @returns { signature: string, key: string } — COSESign1 and COSEKey as CBOR hex
|
|
45
|
-
*/
|
|
46
|
-
const signCip30Data = async (privateKeyHex, publicKeyHex, payloadHex, addressHex,
|
|
47
|
-
/** Optional sign function for extended keys. Takes message hex, returns signature hex. */
|
|
48
|
-
signFn) => {
|
|
49
|
-
const cms = await getCms();
|
|
50
|
-
const payloadBytes = Buffer.from(payloadHex, 'hex');
|
|
51
|
-
const addrBytes = Buffer.from(addressHex, 'hex');
|
|
52
|
-
const pubKeyBytes = Buffer.from(publicKeyHex, 'hex');
|
|
53
|
-
// Build protected headers: algorithm = EdDSA, address = signing address
|
|
54
|
-
const protectedHeaders = cms.HeaderMap.new();
|
|
55
|
-
protectedHeaders.set_algorithm_id(cms.Label.from_algorithm_id(cms.AlgorithmId.EdDSA));
|
|
56
|
-
protectedHeaders.set_header(cms.Label.new_text('address'), cms.CBORValue.new_bytes(addrBytes));
|
|
57
|
-
const headers = cms.Headers.new(cms.ProtectedHeaderMap.new(protectedHeaders), cms.HeaderMap.new());
|
|
58
|
-
const builder = cms.COSESign1Builder.new(headers, payloadBytes, false);
|
|
59
|
-
// Sign the SigStructure with the Ed25519 private key.
|
|
60
|
-
// Accepts 32-byte seed (Node.js crypto) or 64-byte extended key (Cardano BIP32).
|
|
61
|
-
// For extended keys, a signFn callback must be provided since the standard
|
|
62
|
-
// DER format doesn't support pre-clamped scalars.
|
|
63
|
-
const sigStructureBytes = builder.make_data_to_sign().to_bytes();
|
|
64
|
-
const privKeyRaw = Buffer.from(privateKeyHex, 'hex');
|
|
65
|
-
let signatureBytes;
|
|
66
|
-
if (privKeyRaw.length <= 32) {
|
|
67
|
-
// 32-byte seed: use Node.js crypto
|
|
68
|
-
const privKeyDer = Buffer.concat([
|
|
69
|
-
Buffer.from('302e020100300506032b657004220420', 'hex'),
|
|
70
|
-
privKeyRaw
|
|
71
|
-
]);
|
|
72
|
-
const keyObject = (0, crypto_1.createPrivateKey)({ key: privKeyDer, format: 'der', type: 'pkcs8' });
|
|
73
|
-
signatureBytes = (0, crypto_1.sign)(null, Buffer.from(sigStructureBytes), keyObject);
|
|
74
|
-
}
|
|
75
|
-
else if (signFn) {
|
|
76
|
-
// Extended key with custom sign function (e.g. @cardano-sdk/crypto Ed25519PrivateKey.sign)
|
|
77
|
-
signatureBytes = Buffer.from(signFn(Buffer.from(sigStructureBytes).toString('hex')), 'hex');
|
|
78
|
-
}
|
|
79
|
-
else {
|
|
80
|
-
throw new Error('64-byte extended key requires a signFn parameter');
|
|
81
|
-
}
|
|
82
|
-
const coseSign1 = builder.build(signatureBytes);
|
|
83
|
-
// Build COSE_Key with the public key
|
|
84
|
-
const coseKey = cms.COSEKey.new(cms.Label.from_key_type(cms.KeyType.OKP));
|
|
85
|
-
coseKey.set_algorithm_id(cms.Label.from_algorithm_id(cms.AlgorithmId.EdDSA));
|
|
86
|
-
coseKey.set_header(cms.Label.new_int(cms.Int.new_i32(-1)), cms.CBORValue.from_label(cms.Label.from_curve_type(cms.CurveType.Ed25519)));
|
|
87
|
-
coseKey.set_header(cms.Label.new_int(cms.Int.new_i32(-2)), cms.CBORValue.new_bytes(pubKeyBytes));
|
|
88
|
-
return {
|
|
89
|
-
signature: Buffer.from(coseSign1.to_bytes()).toString('hex'),
|
|
90
|
-
key: Buffer.from(coseKey.to_bytes()).toString('hex')
|
|
91
|
-
};
|
|
92
|
-
};
|
|
93
|
-
exports.signCip30Data = signCip30Data;
|
|
94
|
-
/**
|
|
95
|
-
* Verify a CIP-30 signData (CIP-8) signature.
|
|
96
|
-
*
|
|
97
|
-
* Parses the COSE structures produced by the wallet, reconstructs the
|
|
98
|
-
* SigStructure using the library (not manual CBOR), and verifies the
|
|
99
|
-
* Ed25519 signature with Node.js crypto.
|
|
100
|
-
*
|
|
101
|
-
* @param signatureCborHex - COSESign1 CBOR hex from wallet signData response
|
|
102
|
-
* @param publicKeyCborHex - COSEKey CBOR hex from wallet signData response
|
|
103
|
-
* @param expectedPayloadHex - hex of the expected signed payload (e.g. requestId + handle as UTF-8 bytes)
|
|
104
|
-
* @param expectedAddressHex - hex of the expected signing address (must match the address in the COSE protected headers)
|
|
105
|
-
* @returns true if the signature is valid
|
|
106
|
-
*/
|
|
107
|
-
const verifyCip30SignData = async (signatureCborHex, publicKeyCborHex, expectedPayloadHex, expectedAddressHex) => {
|
|
108
|
-
var _a;
|
|
109
|
-
const cms = await getCms();
|
|
110
|
-
// Parse COSESign1 and COSEKey from wallet output
|
|
111
|
-
const coseSign1 = cms.COSESign1.from_bytes(Buffer.from(signatureCborHex, 'hex'));
|
|
112
|
-
const coseKey = cms.COSEKey.from_bytes(Buffer.from(publicKeyCborHex, 'hex'));
|
|
113
|
-
// Extract the address from the protected headers and verify it matches
|
|
114
|
-
const protectedHeaders = coseSign1.headers().protected().deserialized_headers();
|
|
115
|
-
const addressLabel = cms.Label.new_text('address');
|
|
116
|
-
const addressValue = protectedHeaders.header(addressLabel);
|
|
117
|
-
if (addressValue) {
|
|
118
|
-
const addressBytes = Buffer.from((_a = addressValue.as_bytes()) !== null && _a !== void 0 ? _a : new Uint8Array()).toString('hex');
|
|
119
|
-
if (addressBytes !== expectedAddressHex) {
|
|
120
|
-
return false;
|
|
121
|
-
}
|
|
122
|
-
}
|
|
123
|
-
// Verify the payload matches what we expect
|
|
124
|
-
const signedPayload = coseSign1.payload();
|
|
125
|
-
if (signedPayload) {
|
|
126
|
-
const payloadHex = Buffer.from(signedPayload).toString('hex');
|
|
127
|
-
if (payloadHex !== expectedPayloadHex) {
|
|
128
|
-
return false;
|
|
129
|
-
}
|
|
130
|
-
}
|
|
131
|
-
// Reconstruct the SigStructure (what was actually signed) using the library
|
|
132
|
-
const sigStructure = coseSign1.signed_data();
|
|
133
|
-
const sigStructureBytes = sigStructure.to_bytes();
|
|
134
|
-
// Extract the raw Ed25519 signature
|
|
135
|
-
const signatureBytes = coseSign1.signature();
|
|
136
|
-
// Extract the Ed25519 public key from COSEKey (label -2 is the "x" coordinate / public key)
|
|
137
|
-
const xLabel = cms.Label.new_int(cms.Int.new_i32(-2));
|
|
138
|
-
const pubKeyValue = coseKey.header(xLabel);
|
|
139
|
-
if (!pubKeyValue) {
|
|
140
|
-
return false;
|
|
141
|
-
}
|
|
142
|
-
const pubKeyBytes = pubKeyValue.as_bytes();
|
|
143
|
-
if (!pubKeyBytes || pubKeyBytes.length !== 32) {
|
|
144
|
-
return false;
|
|
145
|
-
}
|
|
146
|
-
// Wrap the raw Ed25519 public key in DER SPKI format for Node.js crypto
|
|
147
|
-
const pubKeyDer = Buffer.concat([
|
|
148
|
-
Buffer.from('302a300506032b6570032100', 'hex'),
|
|
149
|
-
Buffer.from(pubKeyBytes)
|
|
150
|
-
]);
|
|
151
|
-
const keyObject = (0, crypto_1.createPublicKey)({ key: pubKeyDer, format: 'der', type: 'spki' });
|
|
152
|
-
return (0, crypto_1.verify)(null, Buffer.from(sigStructureBytes), keyObject, Buffer.from(signatureBytes));
|
|
153
|
-
};
|
|
154
|
-
exports.verifyCip30SignData = verifyCip30SignData;
|