npm - @ocap/mcrypto - Versions diffs - 1.29.14 → 1.29.16 - Mend

@ocap/mcrypto 1.29.14 → 1.29.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/esm/index.d.mts CHANGED Viewed

@@ -39,7 +39,7 @@ interface SignerType {
   sign(data: BytesType, sk: BytesType, encoding?: 'Uint8Array'): Uint8Array;
   sign(data: BytesType, sk: BytesType, encoding?: EncodingType): BytesType;
   /** extra is JSON string for passkey signer containing {authenticatorData, clientDataJSON} */
-  verify(data: BytesType, pk: BytesType, signature: BytesType, extra?: string): boolean;
+  verify(data: BytesType, signature: BytesType, pk: BytesType, extra?: string): boolean;
   ethHash?(data: string): string;
   ethSign?(data: string, sk: string): string;
   ethVerify?(data: string, pk: string, signature: BytesType): boolean;

package/esm/signer/ed25519.d.mts CHANGED Viewed

@@ -25,6 +25,16 @@ declare class Ed25519Signer extends _default$1 {
    * @memberof Ed25519Signer
    */
   genKeyPair(encoding?: EncodingType, userSeed?: BytesType): KeyPairType;
+  /**
+   * Validate that a 64-byte key (in seed|pk format) has a matching embedded public key.
+   * Note: Cross-platform keys (e.g. Elixir) may use private_scalar|pk format where
+   * the first 32 bytes are NOT a seed, so this check only applies to seed|pk format keys.
+   *
+   * @param {Uint8Array} skBytes - 64-byte key to validate
+   * @returns {boolean} true if embedded pk matches seed-derived pk
+   * @throws {Error} if the key is not 64 bytes
+   */
+  validateKeyPair(sk: BytesType): boolean;
   /**
    * Get publicKey from secretKey
    *

package/esm/signer/ed25519.mjs CHANGED Viewed

@@ -41,6 +41,23 @@ var Ed25519Signer = class extends signer_default {
 		};
 	}
 	/**
+	* Validate that a 64-byte key (in seed|pk format) has a matching embedded public key.
+	* Note: Cross-platform keys (e.g. Elixir) may use private_scalar|pk format where
+	* the first 32 bytes are NOT a seed, so this check only applies to seed|pk format keys.
+	*
+	* @param {Uint8Array} skBytes - 64-byte key to validate
+	* @returns {boolean} true if embedded pk matches seed-derived pk
+	* @throws {Error} if the key is not 64 bytes
+	*/
+	validateKeyPair(sk) {
+		const skBytes = toUint8Array(sk);
+		if (skBytes.byteLength !== 64) throw new Error("validateKeyPair requires a 64-byte key");
+		const seed = skBytes.slice(0, 32);
+		const derivedPk = ed.getPublicKey(seed);
+		const embeddedPk = skBytes.slice(32, 64);
+		return derivedPk.length === embeddedPk.length && derivedPk.every((b, i) => b === embeddedPk[i]);
+	}
+	/**
 	* Get publicKey from secretKey
 	*
 	* @param {hex|buffer|base58|Uint8Array} sk - can be either a hex encoded string or a buffer

package/esm/signer/secp256k1.mjs CHANGED Viewed

@@ -57,23 +57,31 @@ var Secp256k1Signer = class extends signer_default {
 	* Sign a message and get the signature hex
 	*/
 	sign(message, sk, encoding = "hex") {
-		let msg = message;
-		try {
-			msg = toUint8Array(message);
-		} catch (_err) {}
+		const msg = toUint8Array(message);
 		return encode(`0x${secp256k1.keyFromPrivate(toBuffer(sk)).sign(stripHexPrefix(msg), { canonical: true }).toDER("hex")}`, encoding);
 	}
 	/**
 	* Verify if a signature is valid
 	*/
 	verify(message, signature, pk) {
-		let msg = message;
-		try {
-			msg = toUint8Array(message);
-		} catch (_err) {}
+		const msg = toUint8Array(message);
+		const sigHex = stripHexPrefix(toHex(signature));
+		const sigBuf = Buffer.from(sigHex, "hex");
+		if (sigBuf.length > 6 && sigBuf[0] === 48) {
+			const sLenIndex = 4 + sigBuf[3] + 1;
+			if (sLenIndex < sigBuf.length) {
+				const sLen = sigBuf[sLenIndex];
+				const sStart = sLenIndex + 1;
+				if (sStart + sLen <= sigBuf.length) {
+					const sValue = new BN(sigBuf.slice(sStart, sStart + sLen));
+					const halfOrder = secp256k1.curve.n.shrn(1);
+					if (sValue.cmp(halfOrder) > 0) return false;
+				}
+			}
+		}
 		let pkBuffer = toBuffer(pk);
 		if (this.pkHasFormatPrefix === false && pkBuffer[0] !== 4 && pkBuffer.byteLength === 64) pkBuffer = Buffer.concat([Uint8Array.from([4]), Uint8Array.from(pkBuffer)]);
-		return secp256k1.keyFromPublic(pkBuffer).verify(stripHexPrefix(msg), stripHexPrefix(toHex(signature)));
+		return secp256k1.keyFromPublic(pkBuffer).verify(stripHexPrefix(msg), sigHex);
 	}
 };
 var secp256k1_default = new Secp256k1Signer();

package/lib/index.d.cts CHANGED Viewed

@@ -39,7 +39,7 @@ interface SignerType {
   sign(data: BytesType, sk: BytesType, encoding?: 'Uint8Array'): Uint8Array;
   sign(data: BytesType, sk: BytesType, encoding?: EncodingType): BytesType;
   /** extra is JSON string for passkey signer containing {authenticatorData, clientDataJSON} */
-  verify(data: BytesType, pk: BytesType, signature: BytesType, extra?: string): boolean;
+  verify(data: BytesType, signature: BytesType, pk: BytesType, extra?: string): boolean;
   ethHash?(data: string): string;
   ethSign?(data: string, sk: string): string;
   ethVerify?(data: string, pk: string, signature: BytesType): boolean;

package/lib/signer/ed25519.cjs CHANGED Viewed

@@ -45,6 +45,23 @@ var Ed25519Signer = class extends require_protocols_signer.default {
 		};
 	}
 	/**
+	* Validate that a 64-byte key (in seed|pk format) has a matching embedded public key.
+	* Note: Cross-platform keys (e.g. Elixir) may use private_scalar|pk format where
+	* the first 32 bytes are NOT a seed, so this check only applies to seed|pk format keys.
+	*
+	* @param {Uint8Array} skBytes - 64-byte key to validate
+	* @returns {boolean} true if embedded pk matches seed-derived pk
+	* @throws {Error} if the key is not 64 bytes
+	*/
+	validateKeyPair(sk) {
+		const skBytes = (0, _ocap_util.toUint8Array)(sk);
+		if (skBytes.byteLength !== 64) throw new Error("validateKeyPair requires a 64-byte key");
+		const seed = skBytes.slice(0, 32);
+		const derivedPk = _noble_ed25519.getPublicKey(seed);
+		const embeddedPk = skBytes.slice(32, 64);
+		return derivedPk.length === embeddedPk.length && derivedPk.every((b, i) => b === embeddedPk[i]);
+	}
+	/**
 	* Get publicKey from secretKey
 	*
 	* @param {hex|buffer|base58|Uint8Array} sk - can be either a hex encoded string or a buffer

package/lib/signer/ed25519.d.cts CHANGED Viewed

@@ -25,6 +25,16 @@ declare class Ed25519Signer extends _default$1 {
    * @memberof Ed25519Signer
    */
   genKeyPair(encoding?: EncodingType, userSeed?: BytesType): KeyPairType;
+  /**
+   * Validate that a 64-byte key (in seed|pk format) has a matching embedded public key.
+   * Note: Cross-platform keys (e.g. Elixir) may use private_scalar|pk format where
+   * the first 32 bytes are NOT a seed, so this check only applies to seed|pk format keys.
+   *
+   * @param {Uint8Array} skBytes - 64-byte key to validate
+   * @returns {boolean} true if embedded pk matches seed-derived pk
+   * @throws {Error} if the key is not 64 bytes
+   */
+  validateKeyPair(sk: BytesType): boolean;
   /**
    * Get publicKey from secretKey
    *

package/lib/signer/secp256k1.cjs CHANGED Viewed

@@ -61,23 +61,31 @@ var Secp256k1Signer = class extends require_protocols_signer.default {
 	* Sign a message and get the signature hex
 	*/
 	sign(message, sk, encoding = "hex") {
-		let msg = message;
-		try {
-			msg = (0, _ocap_util.toUint8Array)(message);
-		} catch (_err) {}
+		const msg = (0, _ocap_util.toUint8Array)(message);
 		return require_encode.encode(`0x${secp256k1.keyFromPrivate((0, _ocap_util.toBuffer)(sk)).sign((0, _ocap_util.stripHexPrefix)(msg), { canonical: true }).toDER("hex")}`, encoding);
 	}
 	/**
 	* Verify if a signature is valid
 	*/
 	verify(message, signature, pk) {
-		let msg = message;
-		try {
-			msg = (0, _ocap_util.toUint8Array)(message);
-		} catch (_err) {}
+		const msg = (0, _ocap_util.toUint8Array)(message);
+		const sigHex = (0, _ocap_util.stripHexPrefix)((0, _ocap_util.toHex)(signature));
+		const sigBuf = Buffer.from(sigHex, "hex");
+		if (sigBuf.length > 6 && sigBuf[0] === 48) {
+			const sLenIndex = 4 + sigBuf[3] + 1;
+			if (sLenIndex < sigBuf.length) {
+				const sLen = sigBuf[sLenIndex];
+				const sStart = sLenIndex + 1;
+				if (sStart + sLen <= sigBuf.length) {
+					const sValue = new _ocap_util.BN(sigBuf.slice(sStart, sStart + sLen));
+					const halfOrder = secp256k1.curve.n.shrn(1);
+					if (sValue.cmp(halfOrder) > 0) return false;
+				}
+			}
+		}
 		let pkBuffer = (0, _ocap_util.toBuffer)(pk);
 		if (this.pkHasFormatPrefix === false && pkBuffer[0] !== 4 && pkBuffer.byteLength === 64) pkBuffer = Buffer.concat([Uint8Array.from([4]), Uint8Array.from(pkBuffer)]);
-		return secp256k1.keyFromPublic(pkBuffer).verify((0, _ocap_util.stripHexPrefix)(msg), (0, _ocap_util.stripHexPrefix)((0, _ocap_util.toHex)(signature)));
+		return secp256k1.keyFromPublic(pkBuffer).verify((0, _ocap_util.stripHexPrefix)(msg), sigHex);
 	}
 };
 var secp256k1_default = new Secp256k1Signer();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ocap/mcrypto",
-  "version": "1.29.14",
+  "version": "1.29.16",
   "type": "module",
   "description": "Crypto lib that provides signer,crypter,hasher interface",
   "keywords": [
@@ -48,7 +48,7 @@
     "esm"
   ],
   "devDependencies": {
-    "@ocap/e2e-test": "1.29.14",
+    "@ocap/e2e-test": "1.29.16",
     "@types/crypto-js": "^4.2.2",
     "@types/elliptic": "^6.4.18",
     "@types/node": "^22.7.5",
@@ -76,7 +76,7 @@
   "dependencies": {
     "@noble/ed25519": "^3.0.0",
     "@noble/hashes": "^2.0.1",
-    "@ocap/util": "1.29.14",
+    "@ocap/util": "1.29.16",
     "@simplewebauthn/server": "^13.0.0",
     "bn.js": "5.2.3",
     "crypto-js": "^4.2.0",