@ocap/mcrypto 1.29.3 → 1.29.5

package/esm/signer/ed25519.d.mts

@@ -4,7 +4,7 @@ import { BytesType, EncodingType, KeyPairType } from "@ocap/util";
 //#region src/signer/ed25519.d.ts
 
 /**
- * Signer implementation for ed25519, based on `tweetnacl`
+ * Signer implementation for ed25519, based on `@noble/ed25519`
  *
  * @class Ed25519Signer
  */

package/esm/signer/ed25519.mjs

@@ -2,12 +2,13 @@ import { encode } from "../encode.mjs";
 import signer_default from "../protocols/signer.mjs";
 import { toUint8Array } from "@ocap/util";
 import randomBytes from "randombytes";
-import tweetnacl from "tweetnacl";
+import hashjs from "hash.js";
+import * as ed from "@noble/ed25519";
 
 //#region src/signer/ed25519.ts
-const ed25519 = tweetnacl.sign;
+ed.hashes.sha512 = (msg) => new Uint8Array(hashjs.sha512().update(msg).digest());
 /**
-* Signer implementation for ed25519, based on `tweetnacl`
+* Signer implementation for ed25519, based on `@noble/ed25519`
 *
 * @class Ed25519Signer
 */
@@ -30,10 +31,14 @@ var Ed25519Signer = class extends signer_default {
 	genKeyPair(encoding = "hex", userSeed) {
 		const seed = userSeed ? toUint8Array(userSeed) : new Uint8Array(randomBytes(32));
 		if (seed.byteLength !== 32) throw new Error("Invalid seed to generate key pair");
-		const keyPair = ed25519.keyPair.fromSeed(seed);
-		keyPair.publicKey = encode(keyPair.publicKey, encoding);
-		keyPair.secretKey = encode(keyPair.secretKey, encoding);
-		return keyPair;
+		const publicKey = ed.getPublicKey(seed);
+		const secretKey = new Uint8Array(64);
+		secretKey.set(seed);
+		secretKey.set(publicKey, 32);
+		return {
+			publicKey: encode(publicKey, encoding),
+			secretKey: encode(secretKey, encoding)
+		};
 	}
 	/**
 	* Get publicKey from secretKey
@@ -43,8 +48,8 @@ var Ed25519Signer = class extends signer_default {
 	*/
 	getPublicKey(sk, encoding = "hex") {
 		const skBytes = toUint8Array(sk);
-		const pk = ed25519.keyPair.fromSecretKey(skBytes).publicKey;
-		return encode(pk, encoding);
+		if (skBytes.byteLength === 64) return encode(skBytes.slice(32, 64), encoding);
+		return encode(ed.getPublicKey(skBytes), encoding);
 	}
 	/**
 	* Sign a message and get the signature hex
@@ -54,9 +59,9 @@ var Ed25519Signer = class extends signer_default {
 	* @returns {string} hex encoded signature
 	*/
 	sign(message, sk, encoding = "hex") {
-		const skBytes = toUint8Array(sk);
+		const seed = toUint8Array(sk).slice(0, 32);
 		const messageBytes = toUint8Array(message);
-		return encode(ed25519.detached(messageBytes, skBytes), encoding);
+		return encode(ed.sign(messageBytes, seed), encoding);
 	}
 	/**
 	* Verify if a signature is valid
@@ -70,7 +75,7 @@ var Ed25519Signer = class extends signer_default {
 		const pkBytes = toUint8Array(pk);
 		const messageBytes = toUint8Array(message);
 		const signatureBytes = toUint8Array(signature);
-		return ed25519.detached.verify(messageBytes, signatureBytes, pkBytes);
+		return ed.verify(signatureBytes, messageBytes, pkBytes);
 	}
 };
 var ed25519_default = new Ed25519Signer();

package/lib/signer/ed25519.cjs

@@ -5,13 +5,15 @@ const require_protocols_signer = require('../protocols/signer.cjs');
 let _ocap_util = require("@ocap/util");
 let randombytes = require("randombytes");
 randombytes = require_rolldown_runtime.__toESM(randombytes);
-let tweetnacl = require("tweetnacl");
-tweetnacl = require_rolldown_runtime.__toESM(tweetnacl);
+let hash_js = require("hash.js");
+hash_js = require_rolldown_runtime.__toESM(hash_js);
+let _noble_ed25519 = require("@noble/ed25519");
+_noble_ed25519 = require_rolldown_runtime.__toESM(_noble_ed25519);
 
 //#region src/signer/ed25519.ts
-const ed25519 = tweetnacl.default.sign;
+_noble_ed25519.hashes.sha512 = (msg) => new Uint8Array(hash_js.default.sha512().update(msg).digest());
 /**
-* Signer implementation for ed25519, based on `tweetnacl`
+* Signer implementation for ed25519, based on `@noble/ed25519`
 *
 * @class Ed25519Signer
 */
@@ -34,10 +36,14 @@ var Ed25519Signer = class extends require_protocols_signer.default {
 	genKeyPair(encoding = "hex", userSeed) {
 		const seed = userSeed ? (0, _ocap_util.toUint8Array)(userSeed) : new Uint8Array((0, randombytes.default)(32));
 		if (seed.byteLength !== 32) throw new Error("Invalid seed to generate key pair");
-		const keyPair = ed25519.keyPair.fromSeed(seed);
-		keyPair.publicKey = require_encode.encode(keyPair.publicKey, encoding);
-		keyPair.secretKey = require_encode.encode(keyPair.secretKey, encoding);
-		return keyPair;
+		const publicKey = _noble_ed25519.getPublicKey(seed);
+		const secretKey = new Uint8Array(64);
+		secretKey.set(seed);
+		secretKey.set(publicKey, 32);
+		return {
+			publicKey: require_encode.encode(publicKey, encoding),
+			secretKey: require_encode.encode(secretKey, encoding)
+		};
 	}
 	/**
 	* Get publicKey from secretKey
@@ -47,8 +53,8 @@ var Ed25519Signer = class extends require_protocols_signer.default {
 	*/
 	getPublicKey(sk, encoding = "hex") {
 		const skBytes = (0, _ocap_util.toUint8Array)(sk);
-		const pk = ed25519.keyPair.fromSecretKey(skBytes).publicKey;
-		return require_encode.encode(pk, encoding);
+		if (skBytes.byteLength === 64) return require_encode.encode(skBytes.slice(32, 64), encoding);
+		return require_encode.encode(_noble_ed25519.getPublicKey(skBytes), encoding);
 	}
 	/**
 	* Sign a message and get the signature hex
@@ -58,9 +64,9 @@ var Ed25519Signer = class extends require_protocols_signer.default {
 	* @returns {string} hex encoded signature
 	*/
 	sign(message, sk, encoding = "hex") {
-		const skBytes = (0, _ocap_util.toUint8Array)(sk);
+		const seed = (0, _ocap_util.toUint8Array)(sk).slice(0, 32);
 		const messageBytes = (0, _ocap_util.toUint8Array)(message);
-		return require_encode.encode(ed25519.detached(messageBytes, skBytes), encoding);
+		return require_encode.encode(_noble_ed25519.sign(messageBytes, seed), encoding);
 	}
 	/**
 	* Verify if a signature is valid
@@ -74,7 +80,7 @@ var Ed25519Signer = class extends require_protocols_signer.default {
 		const pkBytes = (0, _ocap_util.toUint8Array)(pk);
 		const messageBytes = (0, _ocap_util.toUint8Array)(message);
 		const signatureBytes = (0, _ocap_util.toUint8Array)(signature);
-		return ed25519.detached.verify(messageBytes, signatureBytes, pkBytes);
+		return _noble_ed25519.verify(signatureBytes, messageBytes, pkBytes);
 	}
 };
 var ed25519_default = new Ed25519Signer();

package/lib/signer/ed25519.d.cts

@@ -4,7 +4,7 @@ import { BytesType, EncodingType, KeyPairType } from "@ocap/util";
 //#region src/signer/ed25519.d.ts
 
 /**
- * Signer implementation for ed25519, based on `tweetnacl`
+ * Signer implementation for ed25519, based on `@noble/ed25519`
  *
  * @class Ed25519Signer
  */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ocap/mcrypto",
-  "version": "1.29.3",
+  "version": "1.29.5",
   "type": "module",
   "description": "Crypto lib that provides signer,crypter,hasher interface",
   "keywords": [
@@ -48,7 +48,7 @@
     "esm"
   ],
   "devDependencies": {
-    "@ocap/e2e-test": "1.29.3",
+    "@ocap/e2e-test": "1.29.5",
     "@types/crypto-js": "^4.2.2",
     "@types/elliptic": "^6.4.18",
     "@types/node": "^22.7.5",
@@ -73,7 +73,8 @@
     "url": "https://github.com/ArcBlock/blockchain/issues"
   },
   "dependencies": {
-    "@ocap/util": "1.29.3",
+    "@noble/ed25519": "^3.0.0",
+    "@ocap/util": "1.29.5",
     "@simplewebauthn/server": "^13.0.0",
     "bn.js": "5.2.2",
     "crypto-js": "^4.2.0",
@@ -82,8 +83,7 @@
     "hash.js": "^1.1.7",
     "interface": "^1.2.1",
     "js-sha3": "^0.8.0",
-    "randombytes": "^2.1.0",
-    "tweetnacl": "^1.0.3"
+    "randombytes": "^2.1.0"
   },
   "resolutions": {
     "bn.js": "5.2.2",