@ocap/mcrypto 1.29.22 → 1.29.23

package/esm/_virtual/rolldown_runtime.mjs

@@ -0,0 +1,18 @@
+//#region rolldown:runtime
+var __defProp = Object.defineProperty;
+var __exportAll = (all, symbols) => {
+	let target = {};
+	for (var name in all) {
+		__defProp(target, name, {
+			get: all[name],
+			enumerable: true
+		});
+	}
+	if (symbols) {
+		__defProp(target, Symbol.toStringTag, { value: "Module" });
+	}
+	return target;
+};
+
+//#endregion
+export { __exportAll };

package/esm/index.d.mts

@@ -5,6 +5,7 @@ import { Ed25519Signer } from "./signer/ed25519.mjs";
 import { Secp256k1Signer } from "./signer/secp256k1.mjs";
 import { EthereumSigner } from "./signer/ethereum.mjs";
 import { PasskeySigner } from "./signer/passkey.mjs";
+import { webauthn_d_exports } from "./webauthn.mjs";
 import { BytesType, EncodingType, KeyPairType } from "@ocap/util";
 import { LiteralUnion } from "type-fest";
 
@@ -238,4 +239,4 @@ declare function getRandomBytes(length: number, encoding?: 'Uint8Array'): Uint8A
 declare function getRandomBytes(length: number, encoding?: EncodingType): BytesType;
 declare const toTxHash: (buf: Buffer | Uint8Array) => string;
 //#endregion
-export { AddressType, HashFnType, HashType, Hasher, KeyType, RoleType, Signer, SignerType, getHasher, getRandomBytes, getSigner, toTxHash, types };
+export { AddressType, HashFnType, HashType, Hasher, KeyType, RoleType, Signer, SignerType, getHasher, getRandomBytes, getSigner, toTxHash, types, webauthn_d_exports as webauthn };

package/esm/index.mjs

@@ -5,6 +5,7 @@ import sha3_default from "./hasher/sha3.mjs";
 import ed25519_default from "./signer/ed25519.mjs";
 import secp256k1_default from "./signer/secp256k1.mjs";
 import ethereum_default from "./signer/ethereum.mjs";
+import { webauthn_exports } from "./webauthn.mjs";
 import passkey_default from "./signer/passkey.mjs";
 import randomBytes from "randombytes";
 
@@ -181,4 +182,4 @@ function getRandomBytes(length = 32, encoding = "hex") {
 const toTxHash = (buf) => Hasher.SHA2.hash256(buf, 1, "hex").replace(/^0x/, "").toUpperCase();
 
 //#endregion
-export { Hasher, Signer, getHasher, getRandomBytes, getSigner, toTxHash, types };
+export { Hasher, Signer, getHasher, getRandomBytes, getSigner, toTxHash, types, webauthn_exports as webauthn };

package/esm/signer/ethereum.d.mts

@@ -3,7 +3,7 @@ import { Secp256k1Signer } from "./secp256k1.mjs";
 //#region src/signer/ethereum.d.ts
 
 /**
- * Signer implementation for secp256k1, based on `elliptic`, and ethereum compatible
+ * Signer implementation for secp256k1, based on `@noble/curves`, and ethereum compatible
  *
  * @class EthereumSigner
  */

package/esm/signer/ethereum.mjs

@@ -1,11 +1,19 @@
 import { Secp256k1Signer } from "./secp256k1.mjs";
 import { hexToBytes, isHexStrict, utf8ToHex } from "@ocap/util";
-import Account from "eth-lib/lib/account.js";
-import Hash from "eth-lib/lib/hash.js";
+import { keccak_256 } from "@noble/hashes/sha3.js";
+import { bytesToHex } from "@noble/hashes/utils.js";
+import { secp256k1 } from "@noble/curves/secp256k1";
 
 //#region src/signer/ethereum.ts
+function toChecksumAddress(address) {
+	const addr = address.slice(2).toLowerCase();
+	const hash = bytesToHex(keccak_256(Buffer.from(addr)));
+	let result = "0x";
+	for (let i = 0; i < 40; i++) result += Number.parseInt(hash[i], 16) > 7 ? addr[i].toUpperCase() : addr[i];
+	return result;
+}
 /**
-* Signer implementation for secp256k1, based on `elliptic`, and ethereum compatible
+* Signer implementation for secp256k1, based on `@noble/curves`, and ethereum compatible
 *
 * @class EthereumSigner
 */
@@ -16,17 +24,25 @@ var EthereumSigner = class extends Secp256k1Signer {
 	}
 	ethHash(data) {
 		const messageBytes = hexToBytes(isHexStrict(data) ? data : utf8ToHex(data));
-		const messageBuffer = Buffer.from(messageBytes);
 		const preamble = `\x19Ethereum Signed Message:\n${messageBytes.length}`;
-		const preambleBuffer = Uint8Array.from(Buffer.from(preamble));
-		const ethMessage = Buffer.concat([preambleBuffer, Uint8Array.from(messageBuffer)]);
-		return Hash.keccak256s(ethMessage);
+		const ethMessage = Buffer.concat([Buffer.from(preamble), Buffer.from(messageBytes)]);
+		return `0x${bytesToHex(keccak_256(new Uint8Array(ethMessage)))}`;
 	}
 	ethSign(data, privateKey) {
-		return Account.sign(data, privateKey);
+		const msgHash = Buffer.from(data.slice(2), "hex");
+		const sk = Buffer.from(privateKey.slice(2), "hex");
+		const sig = secp256k1.sign(msgHash, sk);
+		const v = (27 + sig.recovery).toString(16).padStart(2, "0");
+		return `0x${sig.toCompactHex()}${v}`;
 	}
 	ethRecover(data, signature) {
-		return Account.recover(data, signature);
+		const sigHex = signature.slice(2);
+		const v = Number.parseInt(sigHex.slice(128, 130), 16);
+		const recovery = v < 2 ? v : 1 - v % 2;
+		const sig = secp256k1.Signature.fromCompact(sigHex.slice(0, 128)).addRecoveryBit(recovery);
+		const msgHash = Buffer.from(data.slice(2), "hex");
+		const pubKeyHex = sig.recoverPublicKey(msgHash).toHex(false).slice(2);
+		return toChecksumAddress(`0x${bytesToHex(keccak_256(Buffer.from(pubKeyHex, "hex"))).slice(-40)}`);
 	}
 };
 var ethereum_default = new EthereumSigner();

package/esm/signer/passkey.d.mts

@@ -4,7 +4,7 @@ import { BytesType, EncodingType, KeyPairType } from "@ocap/util";
 //#region src/signer/passkey.d.ts
 
 /**
- * Signer implementation for passkey, based on `@simplewebauthn/server`
+ * Signer implementation for passkey, based on `@noble/curves`
  * Since passkey supports only verification, we do not need to implement the sign method
  * And passkeys can used multiple algorithms, we do not need to implement the algorithm selection
  *

package/esm/signer/passkey.mjs

@@ -1,10 +1,10 @@
 import signer_default from "../protocols/signer.mjs";
+import { decodeClientDataJSON, isoBase64URL, isoUint8Array, toHash, verifySignature } from "../webauthn.mjs";
 import { fromBase64, toBase64, toBuffer, toUint8Array } from "@ocap/util";
-import { decodeClientDataJSON, isoBase64URL, isoUint8Array, toHash, verifySignature } from "@simplewebauthn/server/helpers";
 
 //#region src/signer/passkey.ts
 /**
-* Signer implementation for passkey, based on `@simplewebauthn/server`
+* Signer implementation for passkey, based on `@noble/curves`
 * Since passkey supports only verification, we do not need to implement the sign method
 * And passkeys can used multiple algorithms, we do not need to implement the algorithm selection
 *

package/esm/signer/secp256k1.d.mts

@@ -4,7 +4,7 @@ import { BytesType, EncodingType, KeyPairType } from "@ocap/util";
 //#region src/signer/secp256k1.d.ts
 
 /**
- * Signer implementation for secp256k1, based on `elliptic`
+ * Signer implementation for secp256k1, based on `@noble/curves`
  *
  * @class Secp256k1Signer
  */

package/esm/signer/secp256k1.mjs

@@ -1,14 +1,13 @@
 import { encode } from "../encode.mjs";
 import signer_default from "../protocols/signer.mjs";
-import { BN, stripHexPrefix, toBuffer, toHex, toUint8Array } from "@ocap/util";
+import { toHex, toUint8Array } from "@ocap/util";
 import randomBytes from "randombytes";
-import elliptic from "elliptic";
+import { secp256k1 } from "@noble/curves/secp256k1";
+import { bytesToHex } from "@noble/curves/abstract/utils";
 
 //#region src/signer/secp256k1.ts
-const EC = elliptic.ec;
-const secp256k1 = new EC("secp256k1");
 /**
-* Signer implementation for secp256k1, based on `elliptic`
+* Signer implementation for secp256k1, based on `@noble/curves`
 *
 * @class Secp256k1Signer
 */
@@ -20,8 +19,7 @@ var Secp256k1Signer = class extends signer_default {
 	}
 	isValidSK(sk) {
 		if (sk.byteLength !== 32) return false;
-		const bn = new BN(sk);
-		return bn.cmp(secp256k1.curve.n) < 0 && !bn.isZero();
+		return secp256k1.utils.isValidPrivateKey(sk);
 	}
 	/**
 	* @public
@@ -49,7 +47,7 @@ var Secp256k1Signer = class extends signer_default {
 	*/
 	getPublicKey(sk, encoding = "hex") {
 		if (!this.isValidSK(toUint8Array(sk))) throw new Error("Invalid secret key");
-		let pk = secp256k1.keyFromPrivate(toBuffer(sk)).getPublic(this.pkCompressed, "hex");
+		let pk = bytesToHex(secp256k1.getPublicKey(toUint8Array(sk), this.pkCompressed));
 		if (this.pkHasFormatPrefix === false) pk = pk.slice(2);
 		return encode(`0x${pk}`, encoding);
 	}
@@ -58,30 +56,28 @@ var Secp256k1Signer = class extends signer_default {
 	*/
 	sign(message, sk, encoding = "hex") {
 		const msg = toUint8Array(message);
-		return encode(`0x${secp256k1.keyFromPrivate(toBuffer(sk)).sign(stripHexPrefix(msg), { canonical: true }).toDER("hex")}`, encoding);
+		return encode(`0x${secp256k1.sign(msg, toUint8Array(sk)).toDERHex()}`, encoding);
 	}
 	/**
 	* Verify if a signature is valid
 	*/
 	verify(message, signature, pk) {
 		const msg = toUint8Array(message);
-		const sigHex = stripHexPrefix(toHex(signature));
-		const sigBuf = Buffer.from(sigHex, "hex");
-		if (sigBuf.length > 6 && sigBuf[0] === 48) {
-			const sLenIndex = 4 + sigBuf[3] + 1;
-			if (sLenIndex < sigBuf.length) {
-				const sLen = sigBuf[sLenIndex];
-				const sStart = sLenIndex + 1;
-				if (sStart + sLen <= sigBuf.length) {
-					const sValue = new BN(sigBuf.slice(sStart, sStart + sLen));
-					const halfOrder = secp256k1.curve.n.shrn(1);
-					if (sValue.cmp(halfOrder) > 0) return false;
-				}
-			}
+		const sigHex = toHex(signature).replace(/^0x/i, "");
+		let pkBytes = toUint8Array(pk);
+		if (this.pkHasFormatPrefix === false && pkBytes[0] !== 4 && pkBytes.byteLength === 64) {
+			const prefixed = new Uint8Array(65);
+			prefixed[0] = 4;
+			prefixed.set(pkBytes, 1);
+			pkBytes = prefixed;
+		}
+		try {
+			const sig = secp256k1.Signature.fromDER(sigHex);
+			if (sig.hasHighS()) return false;
+			return secp256k1.verify(sig, msg, pkBytes);
+		} catch {
+			return false;
 		}
-		let pkBuffer = toBuffer(pk);
-		if (this.pkHasFormatPrefix === false && pkBuffer[0] !== 4 && pkBuffer.byteLength === 64) pkBuffer = Buffer.concat([Uint8Array.from([4]), Uint8Array.from(pkBuffer)]);
-		return secp256k1.keyFromPublic(pkBuffer).verify(stripHexPrefix(msg), sigHex);
 	}
 };
 var secp256k1_default = new Secp256k1Signer();

package/esm/webauthn.d.mts

@@ -0,0 +1,210 @@
+declare namespace webauthn_d_exports {
+  export { COSEALG, COSECRV, COSEKEYS, COSEKTY, GenerateAuthenticationOptionsOpts, GenerateRegistrationOptionsOpts, ParsedAuthenticatorData, RegistrationResponseJSON, VerifiedRegistrationResponse, cose, decodeClientDataJSON, generateAuthenticationOptions, generateChallenge, generateRegistrationOptions, isoBase64URL, isoCBOR, isoUint8Array, parseAuthenticatorData, toHash, verifyRegistrationResponse, verifySignature };
+}
+declare const COSEKEYS: {
+  readonly kty: 1;
+  readonly alg: 3;
+  readonly crv: -1;
+  readonly x: -2;
+  readonly y: -3;
+  readonly n: -1;
+  readonly e: -2;
+};
+declare const COSEKTY: {
+  readonly OKP: 1;
+  readonly EC2: 2;
+  readonly RSA: 3;
+};
+declare const COSEALG: {
+  readonly ES256: -7;
+  readonly EdDSA: -8;
+  readonly ES384: -35;
+  readonly ES512: -36;
+  readonly PS256: -37;
+  readonly PS384: -38;
+  readonly PS512: -39;
+  readonly ES256K: -47;
+  readonly RS256: -257;
+  readonly RS384: -258;
+  readonly RS512: -259;
+  readonly RS1: -65535;
+};
+declare const COSECRV: {
+  readonly P256: 1;
+  readonly P384: 2;
+  readonly P521: 3;
+  readonly ED25519: 6;
+  readonly SECP256K1: 8;
+};
+declare const cose: {
+  COSEKEYS: {
+    readonly kty: 1;
+    readonly alg: 3;
+    readonly crv: -1;
+    readonly x: -2;
+    readonly y: -3;
+    readonly n: -1;
+    readonly e: -2;
+  };
+  COSEKTY: {
+    readonly OKP: 1;
+    readonly EC2: 2;
+    readonly RSA: 3;
+  };
+  COSEALG: {
+    readonly ES256: -7;
+    readonly EdDSA: -8;
+    readonly ES384: -35;
+    readonly ES512: -36;
+    readonly PS256: -37;
+    readonly PS384: -38;
+    readonly PS512: -39;
+    readonly ES256K: -47;
+    readonly RS256: -257;
+    readonly RS384: -258;
+    readonly RS512: -259;
+    readonly RS1: -65535;
+  };
+  COSECRV: {
+    readonly P256: 1;
+    readonly P384: 2;
+    readonly P521: 3;
+    readonly ED25519: 6;
+    readonly SECP256K1: 8;
+  };
+};
+declare const isoBase64URL: {
+  toBuffer(base64url: string): Uint8Array;
+  fromBuffer(buffer: Uint8Array, to?: "base64url" | "base64"): string;
+  toUTF8String(base64url: string): string;
+  fromUTF8String(utf8String: string): string;
+};
+declare const isoUint8Array: {
+  concat(arrays: Uint8Array[]): Uint8Array;
+  areEqual(a: Uint8Array, b: Uint8Array): boolean;
+  toDataView(array: Uint8Array): DataView;
+  fromHex(hex: string): Uint8Array;
+};
+declare const isoCBOR: {
+  decodeFirst<T = any>(input: Uint8Array): T;
+  encode(input: any): Uint8Array;
+};
+declare function toHash(data: Uint8Array | string, algorithm?: number): Promise<Uint8Array>;
+declare function decodeClientDataJSON(data: string): {
+  type: string;
+  challenge: string;
+  origin: string;
+  crossOrigin?: boolean;
+};
+interface ParsedAuthenticatorData {
+  rpIdHash: Uint8Array;
+  flagsBuf: Uint8Array;
+  flags: {
+    up: boolean;
+    uv: boolean;
+    be: boolean;
+    bs: boolean;
+    at: boolean;
+    ed: boolean;
+    flagsInt: number;
+  };
+  counter: number;
+  counterBuf: Uint8Array;
+  aaguid?: Uint8Array;
+  credentialID?: Uint8Array;
+  credentialPublicKey?: Uint8Array;
+  extensionsData?: any;
+  extensionsDataBuffer?: Uint8Array;
+}
+declare function parseAuthenticatorData(authData: Uint8Array): ParsedAuthenticatorData;
+declare function verifySignature(opts: {
+  signature: Uint8Array;
+  data: Uint8Array;
+  credentialPublicKey: Uint8Array;
+}): Promise<boolean>;
+declare function generateChallenge(): Uint8Array;
+type GenerateRegistrationOptionsOpts = {
+  rpName: string;
+  rpID: string;
+  userName: string;
+  userID?: Uint8Array;
+  challenge?: string | Uint8Array;
+  userDisplayName?: string;
+  timeout?: number;
+  attestationType?: 'direct' | 'enterprise' | 'none';
+  excludeCredentials?: {
+    id: string;
+    transports?: string[];
+  }[];
+  authenticatorSelection?: {
+    authenticatorAttachment?: string;
+    residentKey?: string;
+    requireResidentKey?: boolean;
+    userVerification?: string;
+  };
+  extensions?: Record<string, any>;
+  supportedAlgorithmIDs?: number[];
+};
+declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): Promise<Record<string, any>>;
+type GenerateAuthenticationOptionsOpts = {
+  rpID: string;
+  allowCredentials?: {
+    id: string;
+    transports?: string[];
+  }[];
+  challenge?: string | Uint8Array;
+  timeout?: number;
+  userVerification?: 'required' | 'preferred' | 'discouraged';
+  extensions?: Record<string, any>;
+};
+declare function generateAuthenticationOptions(options: GenerateAuthenticationOptionsOpts): Promise<Record<string, any>>;
+type RegistrationResponseJSON = {
+  id: string;
+  rawId: string;
+  type: string;
+  response: {
+    attestationObject: string;
+    clientDataJSON: string;
+    transports?: string[];
+    publicKey?: string;
+    publicKeyAlgorithm?: number;
+    authenticatorData?: string;
+  };
+  clientExtensionResults?: Record<string, any>;
+};
+type VerifiedRegistrationResponse = {
+  verified: false;
+  registrationInfo?: never;
+} | {
+  verified: true;
+  registrationInfo: {
+    fmt: string;
+    aaguid: string;
+    credential: {
+      id: string;
+      publicKey: Uint8Array;
+      counter: number;
+      transports?: string[];
+    };
+    credentialType: 'public-key';
+    attestationObject: Uint8Array;
+    userVerified: boolean;
+    credentialDeviceType: 'singleDevice' | 'multiDevice';
+    credentialBackedUp: boolean;
+    origin: string;
+    rpID?: string;
+    authenticatorExtensionResults?: any;
+  };
+};
+declare function verifyRegistrationResponse(options: {
+  response: RegistrationResponseJSON;
+  expectedChallenge: string | ((challenge: string) => boolean | Promise<boolean>);
+  expectedOrigin: string | string[];
+  expectedRPID?: string | string[];
+  expectedType?: string | string[];
+  requireUserPresence?: boolean;
+  requireUserVerification?: boolean;
+  supportedAlgorithmIDs?: number[];
+}): Promise<VerifiedRegistrationResponse>;
+//#endregion
+export { COSEALG, COSECRV, COSEKEYS, COSEKTY, GenerateAuthenticationOptionsOpts, GenerateRegistrationOptionsOpts, ParsedAuthenticatorData, RegistrationResponseJSON, VerifiedRegistrationResponse, cose, decodeClientDataJSON, generateAuthenticationOptions, generateChallenge, generateRegistrationOptions, isoBase64URL, isoCBOR, isoUint8Array, parseAuthenticatorData, toHash, verifyRegistrationResponse, verifySignature, webauthn_d_exports };