npm - @kya-os/mcp-i - Versions diffs - 1.7.9 → 1.7.10 - Mend

@kya-os/mcp-i 1.7.9 → 1.7.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/runtime/delegation/vc-verifier.js +32 -17
package/package.json +1 -1

package/dist/runtime/delegation/vc-verifier.js CHANGED Viewed

@@ -254,11 +254,13 @@ class DelegationCredentialVerifier {
                     durationMs: Date.now() - startTime,
                 };
             }
-            // Extract signature bytes - handle JWS format (header.payload.signature)
-            // JWS compact serialization splits into 3 parts; only the 3rd is the signature
+            // Extract signature bytes and construct signing input
+            // Handle both JWS format (header.payload.signature) and proofValue format
             let signatureBase64url;
+            let signingInput;
             if (rawProofValue.includes('.')) {
-                // JWS format: extract the signature (third segment)
+                // JWS format with b64:false (standard for Ed25519Signature2020)
+                // The signing input is: base64url(header) + "." + payload_bytes
                 const jwsParts = rawProofValue.split('.');
                 if (jwsParts.length !== 3) {
                     return {
@@ -267,36 +269,49 @@ class DelegationCredentialVerifier {
                         durationMs: Date.now() - startTime,
                     };
                 }
-                signatureBase64url = jwsParts[2];
+                const [headerB64, payloadB64, signatureB64] = jwsParts;
+                signatureBase64url = signatureB64;
+                // For b64:false JWS, the signing input is the detached payload format:
+                // ASCII(BASE64URL(UTF8(JWS Protected Header))) || '.' || JWS Payload
+                // The payload is the hash of the document (for Ed25519Signature2020)
+                // Per RFC 7797 (JWS Unencoded Payload Option)
+                // Construct proof options for hashing (everything in proof except signature fields)
+                const proofOptions = { ...vc.proof };
+                delete proofOptions.proofValue;
+                delete proofOptions.jws;
+                delete proofOptions.signatureValue;
+                const canonicalDoc = (0, json_canonicalize_1.canonicalize)(vcWithoutProof);
+                const canonicalProof = (0, json_canonicalize_1.canonicalize)(proofOptions);
+                // Hash both and concatenate (payload for JWS)
+                const docHash = (0, crypto_1.createHash)('sha256').update(canonicalDoc, 'utf8').digest();
+                const proofHash = (0, crypto_1.createHash)('sha256').update(canonicalProof, 'utf8').digest();
+                const payloadBytes = Buffer.concat([proofHash, docHash]);
+                // JWS signing input: header + "." + payload_bytes
+                const headerBytes = Buffer.from(headerB64, 'utf8');
+                const separator = Buffer.from('.', 'utf8');
+                signingInput = Buffer.concat([headerBytes, separator, payloadBytes]);
             }
             else {
-                // proofValue is raw base64url signature
+                // proofValue is raw base64url signature (Ed25519Signature2020 native format)
                 signatureBase64url = rawProofValue;
-            }
-            try {
-                // For Ed25519Signature2020, we need to:
-                // 1. Canonicalize the VC without proofValue
-                // 2. Canonicalize the proof options
-                // 3. Hash both and concatenate
-                // 4. Verify the signature
                 // Construct proof options (everything in proof except proofValue)
                 const proofOptions = { ...vc.proof };
                 delete proofOptions.proofValue;
                 delete proofOptions.jws;
                 delete proofOptions.signatureValue;
-                // Create signing input: hash(canonicalize(document)) + hash(canonicalize(proofOptions))
+                // Create signing input: hash(canonicalize(proofOptions)) || hash(canonicalize(document))
                 const canonicalDoc = (0, json_canonicalize_1.canonicalize)(vcWithoutProof);
                 const canonicalProof = (0, json_canonicalize_1.canonicalize)(proofOptions);
-                // For Ed25519Signature2020, signing input is:
-                // SHA-256(canonicalize(proofOptions)) || SHA-256(canonicalize(document))
                 const docHash = (0, crypto_1.createHash)('sha256').update(canonicalDoc, 'utf8').digest();
                 const proofHash = (0, crypto_1.createHash)('sha256').update(canonicalProof, 'utf8').digest();
-                const signingInput = Buffer.concat([proofHash, docHash]);
+                signingInput = Buffer.concat([proofHash, docHash]);
+            }
+            try {
                 // Decode the base64url signature
                 const signatureBytes = Buffer.from(signatureBase64url, 'base64url');
                 // Use subtle crypto for Ed25519 verification
                 const cryptoKey = await globalThis.crypto.subtle.importKey('jwk', publicKeyJwk, { name: 'Ed25519' }, false, ['verify']);
-                const isValid = await globalThis.crypto.subtle.verify({ name: 'Ed25519' }, cryptoKey, signatureBytes, signingInput);
+                const isValid = await globalThis.crypto.subtle.verify({ name: 'Ed25519' }, cryptoKey, new Uint8Array(signatureBytes), new Uint8Array(signingInput));
                 if (!isValid) {
                     return {
                         valid: false,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@kya-os/mcp-i",
-  "version": "1.7.9",
+  "version": "1.7.10",
   "description": "The TypeScript MCP framework with identity features built-in",
   "type": "commonjs",
   "main": "dist/index.js",