@majikah/majik-signature 0.0.3 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -63,7 +63,7 @@ export declare class MajikSignatureEmbed {
|
|
|
63
63
|
*/
|
|
64
64
|
static verify(file: Blob, publicKeys: MajikSignerPublicKeys, MajikSig: MajikSignatureStaticAdapter, options?: ExtractOptions & {
|
|
65
65
|
expectedSignerId?: string;
|
|
66
|
-
}): Promise<EmbedVerifyResult>;
|
|
66
|
+
}, debug?: boolean): Promise<EmbedVerifyResult>;
|
|
67
67
|
/**
|
|
68
68
|
* Verify using a MajikKey instance instead of raw public keys.
|
|
69
69
|
* Called from MajikSignature.verifyFile() — MajikSig passed to avoid
|
|
@@ -28,6 +28,7 @@ import { MkvHandler } from "./handlers/mkv";
|
|
|
28
28
|
import { OfficeHandler } from "./handlers/office";
|
|
29
29
|
import { TextHandler } from "./handlers/text";
|
|
30
30
|
import { FallbackHandler } from "./fallback";
|
|
31
|
+
import { bytesToBase64, hashContent } from "../hash";
|
|
31
32
|
// ─── Registry ─────────────────────────────────────────────────────────────────
|
|
32
33
|
const DEFAULT_REGISTRY = new FormatHandlerRegistry()
|
|
33
34
|
.register(new PdfHandler())
|
|
@@ -105,12 +106,14 @@ export class MajikSignatureEmbed {
|
|
|
105
106
|
* Requires the MajikSignature static class passed in as `MajikSig` to
|
|
106
107
|
* avoid a circular import. Called from MajikSignature.verifyFile().
|
|
107
108
|
*/
|
|
108
|
-
static async verify(file, publicKeys, MajikSig, options) {
|
|
109
|
+
static async verify(file, publicKeys, MajikSig, options, debug = false) {
|
|
109
110
|
const bytes = await blobToBytes(file);
|
|
110
111
|
const mimeType = options?.mimeType ?? detectMimeType(bytes, file.type);
|
|
111
112
|
const handler = DEFAULT_REGISTRY.resolve(bytes, mimeType);
|
|
112
113
|
const signatureJson = await handler.extract(bytes);
|
|
113
114
|
if (!signatureJson) {
|
|
115
|
+
if (debug)
|
|
116
|
+
console.error("No embedded signature found");
|
|
114
117
|
return {
|
|
115
118
|
valid: false,
|
|
116
119
|
reason: "No embedded signature found",
|
|
@@ -129,6 +132,12 @@ export class MajikSignatureEmbed {
|
|
|
129
132
|
};
|
|
130
133
|
}
|
|
131
134
|
const originalBytes = await handler.strip(bytes);
|
|
135
|
+
if (debug) {
|
|
136
|
+
const recomputedHash = bytesToBase64(hashContent(originalBytes));
|
|
137
|
+
console.log("Verify-side hash:", recomputedHash);
|
|
138
|
+
console.log("Embedded hash: ", parsedSig.contentHash);
|
|
139
|
+
console.log("match:", recomputedHash === parsedSig.contentHash);
|
|
140
|
+
}
|
|
132
141
|
if (options?.expectedSignerId &&
|
|
133
142
|
parsedSig.signerId !== options.expectedSignerId) {
|
|
134
143
|
return {
|
package/package.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"name": "@majikah/majik-signature",
|
|
3
3
|
"type": "module",
|
|
4
4
|
"description": "Majik Signature is a hybrid post-quantum content signing and verification library for the Majikah ecosystem. Built on top of Majik Key, it provides tamper-proof, forgery-resistant digital signatures for any content format — using a dual-algorithm architecture that combines classical Ed25519 with post-quantum ML-DSA-87 (FIPS-204).",
|
|
5
|
-
"version": "0.0.
|
|
5
|
+
"version": "0.0.4",
|
|
6
6
|
"license": "Apache-2.0",
|
|
7
7
|
"author": "Zelijah",
|
|
8
8
|
"main": "./dist/index.js",
|