@taquito/remote-signer 11.0.2 → 11.2.0-beta-RC.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/errors.js +12 -12
- package/dist/lib/errors.js.map +1 -1
- package/dist/lib/taquito-remote-signer.js +108 -160
- package/dist/lib/taquito-remote-signer.js.map +1 -1
- package/dist/lib/version.js +2 -4
- package/dist/lib/version.js.map +1 -1
- package/dist/taquito-remote-signer.es6.js +200 -0
- package/dist/taquito-remote-signer.es6.js.map +1 -0
- package/dist/taquito-remote-signer.umd.js +121 -176
- package/dist/taquito-remote-signer.umd.js.map +1 -1
- package/dist/types/errors.d.ts +3 -3
- package/dist/types/taquito-remote-signer.d.ts +1 -1
- package/package.json +23 -24
- package/dist/taquito-remote-signer.es5.js +0 -255
- package/dist/taquito-remote-signer.es5.js.map +0 -1
package/dist/lib/errors.js
CHANGED
|
@@ -1,32 +1,32 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.BadSigningDataError = exports.OperationNotAuthorizedError = exports.KeyNotFoundError = void 0;
|
|
4
|
-
|
|
5
|
-
|
|
4
|
+
class KeyNotFoundError extends Error {
|
|
5
|
+
constructor(message, innerException) {
|
|
6
|
+
super(message);
|
|
6
7
|
this.message = message;
|
|
7
8
|
this.innerException = innerException;
|
|
8
9
|
this.name = 'KeyNotFoundError';
|
|
9
10
|
}
|
|
10
|
-
|
|
11
|
-
}());
|
|
11
|
+
}
|
|
12
12
|
exports.KeyNotFoundError = KeyNotFoundError;
|
|
13
|
-
|
|
14
|
-
|
|
13
|
+
class OperationNotAuthorizedError extends Error {
|
|
14
|
+
constructor(message, innerException) {
|
|
15
|
+
super(message);
|
|
15
16
|
this.message = message;
|
|
16
17
|
this.innerException = innerException;
|
|
17
18
|
this.name = 'OperationNotAuthorized';
|
|
18
19
|
}
|
|
19
|
-
|
|
20
|
-
}());
|
|
20
|
+
}
|
|
21
21
|
exports.OperationNotAuthorizedError = OperationNotAuthorizedError;
|
|
22
|
-
|
|
23
|
-
|
|
22
|
+
class BadSigningDataError extends Error {
|
|
23
|
+
constructor(message, innerException, data) {
|
|
24
|
+
super(message);
|
|
24
25
|
this.message = message;
|
|
25
26
|
this.innerException = innerException;
|
|
26
27
|
this.data = data;
|
|
27
28
|
this.name = 'BadSigningData';
|
|
28
29
|
}
|
|
29
|
-
|
|
30
|
-
}());
|
|
30
|
+
}
|
|
31
31
|
exports.BadSigningDataError = BadSigningDataError;
|
|
32
32
|
//# sourceMappingURL=errors.js.map
|
package/dist/lib/errors.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":";;;AAAA;
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":";;;AAAA,MAAa,gBAAiB,SAAQ,KAAK;IAEzC,YAAmB,OAAe,EAAS,cAAmB;QAC5D,KAAK,CAAC,OAAO,CAAC,CAAC;QADE,YAAO,GAAP,OAAO,CAAQ;QAAS,mBAAc,GAAd,cAAc,CAAK;QADvD,SAAI,GAAG,kBAAkB,CAAC;IAGjC,CAAC;CACF;AALD,4CAKC;AAED,MAAa,2BAA4B,SAAQ,KAAK;IAEpD,YAAmB,OAAe,EAAS,cAAmB;QAC5D,KAAK,CAAC,OAAO,CAAC,CAAC;QADE,YAAO,GAAP,OAAO,CAAQ;QAAS,mBAAc,GAAd,cAAc,CAAK;QADvD,SAAI,GAAG,wBAAwB,CAAC;IAGvC,CAAC;CACF;AALD,kEAKC;AAED,MAAa,mBAAoB,SAAQ,KAAK;IAE5C,YAAmB,OAAe,EAAS,cAAmB,EAAkB,IAAS;QACvF,KAAK,CAAC,OAAO,CAAC,CAAC;QADE,YAAO,GAAP,OAAO,CAAQ;QAAS,mBAAc,GAAd,cAAc,CAAK;QAAkB,SAAI,GAAJ,IAAI,CAAK;QADlF,SAAI,GAAG,gBAAgB,CAAC;IAG/B,CAAC;CACF;AALD,kDAKC"}
|
|
@@ -8,47 +8,20 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
|
-
var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
12
|
-
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
|
|
13
|
-
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
|
|
14
|
-
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
15
|
-
function step(op) {
|
|
16
|
-
if (f) throw new TypeError("Generator is already executing.");
|
|
17
|
-
while (_) try {
|
|
18
|
-
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
19
|
-
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
20
|
-
switch (op[0]) {
|
|
21
|
-
case 0: case 1: t = op; break;
|
|
22
|
-
case 4: _.label++; return { value: op[1], done: false };
|
|
23
|
-
case 5: _.label++; y = op[1]; op = [0]; continue;
|
|
24
|
-
case 7: op = _.ops.pop(); _.trys.pop(); continue;
|
|
25
|
-
default:
|
|
26
|
-
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
|
|
27
|
-
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
|
|
28
|
-
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
|
|
29
|
-
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
|
|
30
|
-
if (t[2]) _.ops.pop();
|
|
31
|
-
_.trys.pop(); continue;
|
|
32
|
-
}
|
|
33
|
-
op = body.call(thisArg, _);
|
|
34
|
-
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
|
|
35
|
-
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
36
|
-
}
|
|
37
|
-
};
|
|
38
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
39
12
|
exports.RemoteSigner = exports.VERSION = void 0;
|
|
40
13
|
/**
|
|
41
14
|
* @packageDocumentation
|
|
42
15
|
* @module @taquito/remote-signer
|
|
43
16
|
*/
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
17
|
+
const http_utils_1 = require("@taquito/http-utils");
|
|
18
|
+
const utils_1 = require("@taquito/utils");
|
|
19
|
+
const libsodium_wrappers_1 = require("libsodium-wrappers");
|
|
20
|
+
const typedarray_to_buffer_1 = require("typedarray-to-buffer");
|
|
21
|
+
const errors_1 = require("./errors");
|
|
49
22
|
var version_1 = require("./version");
|
|
50
23
|
Object.defineProperty(exports, "VERSION", { enumerable: true, get: function () { return version_1.VERSION; } });
|
|
51
|
-
|
|
24
|
+
const pref = {
|
|
52
25
|
ed: {
|
|
53
26
|
pk: utils_1.prefix['edpk'],
|
|
54
27
|
sk: utils_1.prefix['edsk'],
|
|
@@ -68,145 +41,120 @@ var pref = {
|
|
|
68
41
|
sig: utils_1.prefix.spsig,
|
|
69
42
|
},
|
|
70
43
|
};
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
if (options === void 0) { options = {}; }
|
|
74
|
-
if (http === void 0) { http = new http_utils_1.HttpBackend(); }
|
|
44
|
+
class RemoteSigner {
|
|
45
|
+
constructor(pkh, rootUrl, options = {}, http = new http_utils_1.HttpBackend()) {
|
|
75
46
|
this.pkh = pkh;
|
|
76
47
|
this.rootUrl = rootUrl;
|
|
77
48
|
this.options = options;
|
|
78
49
|
this.http = http;
|
|
50
|
+
if (utils_1.validateKeyHash(this.pkh) !== utils_1.ValidationResult.VALID) {
|
|
51
|
+
throw new utils_1.InvalidKeyHashError(`Invalid Public Key Hash: ${this.pkh}`);
|
|
52
|
+
}
|
|
79
53
|
}
|
|
80
|
-
|
|
81
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
82
|
-
return
|
|
83
|
-
return [2 /*return*/, this.pkh];
|
|
84
|
-
});
|
|
54
|
+
publicKeyHash() {
|
|
55
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
56
|
+
return this.pkh;
|
|
85
57
|
});
|
|
86
|
-
}
|
|
87
|
-
|
|
58
|
+
}
|
|
59
|
+
createURL(path) {
|
|
88
60
|
// Trim trailing slashes because it is assumed to be included in path
|
|
89
|
-
return
|
|
90
|
-
}
|
|
91
|
-
|
|
92
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
case 2:
|
|
107
|
-
ex_1 = _a.sent();
|
|
108
|
-
if (ex_1 instanceof http_utils_1.HttpResponseError) {
|
|
109
|
-
if (ex_1.status === http_utils_1.STATUS_CODE.NOT_FOUND) {
|
|
110
|
-
throw new errors_1.KeyNotFoundError("Key not found: " + this.pkh, ex_1);
|
|
111
|
-
}
|
|
112
|
-
}
|
|
113
|
-
throw ex_1;
|
|
114
|
-
case 3: return [2 /*return*/];
|
|
61
|
+
return `${this.rootUrl.replace(/\/+$/g, '')}${path}`;
|
|
62
|
+
}
|
|
63
|
+
publicKey() {
|
|
64
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
65
|
+
try {
|
|
66
|
+
const { public_key } = yield this.http.createRequest({
|
|
67
|
+
url: this.createURL(`/keys/${this.pkh}`),
|
|
68
|
+
method: 'GET',
|
|
69
|
+
headers: this.options.headers,
|
|
70
|
+
});
|
|
71
|
+
return public_key;
|
|
72
|
+
}
|
|
73
|
+
catch (ex) {
|
|
74
|
+
if (ex instanceof http_utils_1.HttpResponseError) {
|
|
75
|
+
if (ex.status === http_utils_1.STATUS_CODE.NOT_FOUND) {
|
|
76
|
+
throw new errors_1.KeyNotFoundError(`Key not found: ${this.pkh}`, ex);
|
|
77
|
+
}
|
|
115
78
|
}
|
|
116
|
-
|
|
79
|
+
throw ex;
|
|
80
|
+
}
|
|
117
81
|
});
|
|
118
|
-
}
|
|
119
|
-
|
|
120
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
121
|
-
|
|
122
|
-
throw new Error('Secret key cannot be exposed');
|
|
123
|
-
});
|
|
82
|
+
}
|
|
83
|
+
secretKey() {
|
|
84
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
85
|
+
throw new Error('Secret key cannot be exposed');
|
|
124
86
|
});
|
|
125
|
-
}
|
|
126
|
-
|
|
127
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
_a.trys.push([0, 4, , 5]);
|
|
133
|
-
bb = utils_1.hex2buf(bytes);
|
|
134
|
-
if (typeof watermark !== 'undefined') {
|
|
135
|
-
bb = utils_1.mergebuf(watermark, bb);
|
|
136
|
-
}
|
|
137
|
-
watermarkedBytes = utils_1.buf2hex(typedarray_to_buffer_1.default(bb));
|
|
138
|
-
return [4 /*yield*/, this.http.createRequest({
|
|
139
|
-
url: this.createURL("/keys/" + this.pkh),
|
|
140
|
-
method: 'POST',
|
|
141
|
-
headers: this.options.headers,
|
|
142
|
-
}, watermarkedBytes)];
|
|
143
|
-
case 1:
|
|
144
|
-
signature = (_a.sent()).signature;
|
|
145
|
-
pref_1 = signature.startsWith('sig')
|
|
146
|
-
? signature.substring(0, 3)
|
|
147
|
-
: signature.substring(0, 5);
|
|
148
|
-
if (!utils_1.isValidPrefix(pref_1)) {
|
|
149
|
-
throw new Error("Unsupported signature given by remote signer: " + signature);
|
|
150
|
-
}
|
|
151
|
-
decoded = utils_1.b58cdecode(signature, utils_1.prefix[pref_1]);
|
|
152
|
-
return [4 /*yield*/, this.publicKey()];
|
|
153
|
-
case 2:
|
|
154
|
-
pk = _a.sent();
|
|
155
|
-
return [4 /*yield*/, this.verifyPublicKey(pk)];
|
|
156
|
-
case 3:
|
|
157
|
-
_a.sent();
|
|
158
|
-
signatureVerified = utils_1.verifySignature(watermarkedBytes, pk, signature);
|
|
159
|
-
if (!signatureVerified) {
|
|
160
|
-
throw new Error("Signature failed verification against public key:\n {\n bytes: " + watermarkedBytes + ",\n signature: " + signature + "\n }");
|
|
161
|
-
}
|
|
162
|
-
return [2 /*return*/, {
|
|
163
|
-
bytes: bytes,
|
|
164
|
-
sig: utils_1.b58cencode(decoded, utils_1.prefix.sig),
|
|
165
|
-
prefixSig: signature,
|
|
166
|
-
sbytes: bytes + utils_1.buf2hex(typedarray_to_buffer_1.default(decoded)),
|
|
167
|
-
}];
|
|
168
|
-
case 4:
|
|
169
|
-
ex_2 = _a.sent();
|
|
170
|
-
if (ex_2 instanceof http_utils_1.HttpResponseError) {
|
|
171
|
-
if (ex_2.status === http_utils_1.STATUS_CODE.NOT_FOUND) {
|
|
172
|
-
throw new errors_1.KeyNotFoundError("Key not found: " + this.pkh, ex_2);
|
|
173
|
-
}
|
|
174
|
-
else if (ex_2.status === http_utils_1.STATUS_CODE.FORBIDDEN) {
|
|
175
|
-
throw new errors_1.OperationNotAuthorizedError('Signing Operation not authorized', ex_2);
|
|
176
|
-
}
|
|
177
|
-
else if (ex_2.status === http_utils_1.STATUS_CODE.BAD_REQUEST) {
|
|
178
|
-
throw new errors_1.BadSigningDataError('Invalid data', ex_2, {
|
|
179
|
-
bytes: bytes,
|
|
180
|
-
watermark: watermark,
|
|
181
|
-
});
|
|
182
|
-
}
|
|
183
|
-
}
|
|
184
|
-
throw ex_2;
|
|
185
|
-
case 5: return [2 /*return*/];
|
|
87
|
+
}
|
|
88
|
+
sign(bytes, watermark) {
|
|
89
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
90
|
+
try {
|
|
91
|
+
let bb = utils_1.hex2buf(bytes);
|
|
92
|
+
if (typeof watermark !== 'undefined') {
|
|
93
|
+
bb = utils_1.mergebuf(watermark, bb);
|
|
186
94
|
}
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
95
|
+
const watermarkedBytes = utils_1.buf2hex(typedarray_to_buffer_1.default(bb));
|
|
96
|
+
const { signature } = yield this.http.createRequest({
|
|
97
|
+
url: this.createURL(`/keys/${this.pkh}`),
|
|
98
|
+
method: 'POST',
|
|
99
|
+
headers: this.options.headers,
|
|
100
|
+
}, watermarkedBytes);
|
|
101
|
+
const pref = signature.startsWith('sig')
|
|
102
|
+
? signature.substring(0, 3)
|
|
103
|
+
: signature.substring(0, 5);
|
|
104
|
+
if (!utils_1.isValidPrefix(pref)) {
|
|
105
|
+
throw new Error(`Unsupported signature given by remote signer: ${signature}`);
|
|
106
|
+
}
|
|
107
|
+
const decoded = utils_1.b58cdecode(signature, utils_1.prefix[pref]);
|
|
108
|
+
const pk = yield this.publicKey();
|
|
109
|
+
yield this.verifyPublicKey(pk);
|
|
110
|
+
const signatureVerified = utils_1.verifySignature(watermarkedBytes, pk, signature);
|
|
111
|
+
if (!signatureVerified) {
|
|
112
|
+
throw new Error(`Signature failed verification against public key:
|
|
113
|
+
{
|
|
114
|
+
bytes: ${watermarkedBytes},
|
|
115
|
+
signature: ${signature}
|
|
116
|
+
}`);
|
|
205
117
|
}
|
|
206
|
-
|
|
118
|
+
return {
|
|
119
|
+
bytes,
|
|
120
|
+
sig: utils_1.b58cencode(decoded, utils_1.prefix.sig),
|
|
121
|
+
prefixSig: signature,
|
|
122
|
+
sbytes: bytes + utils_1.buf2hex(typedarray_to_buffer_1.default(decoded)),
|
|
123
|
+
};
|
|
124
|
+
}
|
|
125
|
+
catch (ex) {
|
|
126
|
+
if (ex instanceof http_utils_1.HttpResponseError) {
|
|
127
|
+
if (ex.status === http_utils_1.STATUS_CODE.NOT_FOUND) {
|
|
128
|
+
throw new errors_1.KeyNotFoundError(`Key not found: ${this.pkh}`, ex);
|
|
129
|
+
}
|
|
130
|
+
else if (ex.status === http_utils_1.STATUS_CODE.FORBIDDEN) {
|
|
131
|
+
throw new errors_1.OperationNotAuthorizedError('Signing Operation not authorized', ex);
|
|
132
|
+
}
|
|
133
|
+
else if (ex.status === http_utils_1.STATUS_CODE.BAD_REQUEST) {
|
|
134
|
+
throw new errors_1.BadSigningDataError('Invalid data', ex, {
|
|
135
|
+
bytes,
|
|
136
|
+
watermark,
|
|
137
|
+
});
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
throw ex;
|
|
141
|
+
}
|
|
207
142
|
});
|
|
208
|
-
}
|
|
209
|
-
|
|
210
|
-
|
|
143
|
+
}
|
|
144
|
+
verifyPublicKey(publicKey) {
|
|
145
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
146
|
+
yield libsodium_wrappers_1.default.ready;
|
|
147
|
+
const curve = publicKey.substring(0, 2);
|
|
148
|
+
const _publicKey = typedarray_to_buffer_1.default(utils_1.b58cdecode(publicKey, pref[curve].pk));
|
|
149
|
+
const publicKeyHash = utils_1.b58cencode(libsodium_wrappers_1.default.crypto_generichash(20, _publicKey), pref[curve].pkh);
|
|
150
|
+
if (publicKeyHash !== this.pkh) {
|
|
151
|
+
throw new Error(`Requested public key does not match the initialized public key hash: {
|
|
152
|
+
publicKey: ${publicKey},
|
|
153
|
+
publicKeyHash: ${this.pkh}
|
|
154
|
+
}`);
|
|
155
|
+
}
|
|
156
|
+
});
|
|
157
|
+
}
|
|
158
|
+
}
|
|
211
159
|
exports.RemoteSigner = RemoteSigner;
|
|
212
160
|
//# sourceMappingURL=taquito-remote-signer.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"taquito-remote-signer.js","sourceRoot":"","sources":["../../src/taquito-remote-signer.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"taquito-remote-signer.js","sourceRoot":"","sources":["../../src/taquito-remote-signer.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;GAGG;AACH,oDAAkF;AAClF,0CAYwB;AAExB,2DAAwC;AACxC,+DAA4C;AAC5C,qCAA8F;AAiB9F,qCAAoC;AAA3B,kGAAA,OAAO,OAAA;AAEhB,MAAM,IAAI,GAAG;IACX,EAAE,EAAE;QACF,EAAE,EAAE,cAAM,CAAC,MAAM,CAAC;QAClB,EAAE,EAAE,cAAM,CAAC,MAAM,CAAC;QAClB,GAAG,EAAE,cAAM,CAAC,GAAG;QACf,GAAG,EAAE,cAAM,CAAC,KAAK;KAClB;IACD,EAAE,EAAE;QACF,EAAE,EAAE,cAAM,CAAC,MAAM,CAAC;QAClB,EAAE,EAAE,cAAM,CAAC,MAAM,CAAC;QAClB,GAAG,EAAE,cAAM,CAAC,GAAG;QACf,GAAG,EAAE,cAAM,CAAC,KAAK;KAClB;IACD,EAAE,EAAE;QACF,EAAE,EAAE,cAAM,CAAC,MAAM,CAAC;QAClB,EAAE,EAAE,cAAM,CAAC,MAAM,CAAC;QAClB,GAAG,EAAE,cAAM,CAAC,GAAG;QACf,GAAG,EAAE,cAAM,CAAC,KAAK;KAClB;CACF,CAAC;AAEF,MAAa,YAAY;IACvB,YACU,GAAW,EACX,OAAe,EACf,UAA+B,EAAE,EACjC,OAAO,IAAI,wBAAW,EAAE;QAHxB,QAAG,GAAH,GAAG,CAAQ;QACX,YAAO,GAAP,OAAO,CAAQ;QACf,YAAO,GAAP,OAAO,CAA0B;QACjC,SAAI,GAAJ,IAAI,CAAoB;QAEhC,IAAI,uBAAe,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,wBAAgB,CAAC,KAAK,EAAE;YACxD,MAAO,IAAI,2BAAmB,CAAC,4BAA4B,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;SACxE;IACH,CAAC;IAEK,aAAa;;YACjB,OAAO,IAAI,CAAC,GAAG,CAAC;QAClB,CAAC;KAAA;IAEO,SAAS,CAAC,IAAY;QAC5B,qEAAqE;QACrE,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC;IACvD,CAAC;IAEK,SAAS;;YACb,IAAI;gBACF,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,aAAa,CAAoB;oBACtE,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC;oBACxC,MAAM,EAAE,KAAK;oBACb,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;iBAC9B,CAAC,CAAC;gBACH,OAAO,UAAU,CAAC;aACnB;YAAC,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,YAAY,8BAAiB,EAAE;oBACnC,IAAI,EAAE,CAAC,MAAM,KAAK,wBAAW,CAAC,SAAS,EAAE;wBACvC,MAAM,IAAI,yBAAgB,CAAC,kBAAkB,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC;qBAC9D;iBACF;gBACD,MAAM,EAAE,CAAC;aACV;QACH,CAAC;KAAA;IAEK,SAAS;;YACb,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;KAAA;IAEK,IAAI,CAAC,KAAa,EAAE,SAAsB;;YAC9C,IAAI;gBACF,IAAI,EAAE,GAAG,eAAO,CAAC,KAAK,CAAC,CAAC;gBACxB,IAAI,OAAO,SAAS,KAAK,WAAW,EAAE;oBACpC,EAAE,GAAG,gBAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;iBAC9B;gBACD,MAAM,gBAAgB,GAAG,eAAO,CAAC,8BAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC/C,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,aAAa,CACjD;oBACE,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC;oBACxC,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;iBAC9B,EACD,gBAAgB,CACjB,CAAC;gBACF,MAAM,IAAI,GAAG,SAAS,CAAC,UAAU,CAAC,KAAK,CAAC;oBACtC,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC;oBAC3B,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAE9B,IAAI,CAAC,qBAAa,CAAC,IAAI,CAAC,EAAE;oBACxB,MAAM,IAAI,KAAK,CAAC,iDAAiD,SAAS,EAAE,CAAC,CAAC;iBAC/E;gBAED,MAAM,OAAO,GAAG,kBAAU,CAAC,SAAS,EAAE,cAAM,CAAC,IAAI,CAAC,CAAC,CAAC;gBAEpD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;gBAClC,MAAM,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;gBAC/B,MAAM,iBAAiB,GAAG,uBAAe,CAAC,gBAAgB,EAAE,EAAE,EAAE,SAAS,CAAC,CAAC;gBAC3E,IAAI,CAAC,iBAAiB,EAAE;oBACtB,MAAM,IAAI,KAAK,CACb;;qBAEW,gBAAgB;yBACZ,SAAS;YACtB,CACH,CAAC;iBACH;gBAED,OAAO;oBACL,KAAK;oBACL,GAAG,EAAE,kBAAU,CAAC,OAAO,EAAE,cAAM,CAAC,GAAG,CAAC;oBACpC,SAAS,EAAE,SAAS;oBACpB,MAAM,EAAE,KAAK,GAAG,eAAO,CAAC,8BAAQ,CAAC,OAAO,CAAC,CAAC;iBAC3C,CAAC;aACH;YAAC,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,YAAY,8BAAiB,EAAE;oBACnC,IAAI,EAAE,CAAC,MAAM,KAAK,wBAAW,CAAC,SAAS,EAAE;wBACvC,MAAM,IAAI,yBAAgB,CAAC,kBAAkB,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC;qBAC9D;yBAAM,IAAI,EAAE,CAAC,MAAM,KAAK,wBAAW,CAAC,SAAS,EAAE;wBAC9C,MAAM,IAAI,oCAA2B,CAAC,kCAAkC,EAAE,EAAE,CAAC,CAAC;qBAC/E;yBAAM,IAAI,EAAE,CAAC,MAAM,KAAK,wBAAW,CAAC,WAAW,EAAE;wBAChD,MAAM,IAAI,4BAAmB,CAAC,cAAc,EAAE,EAAE,EAAE;4BAChD,KAAK;4BACL,SAAS;yBACV,CAAC,CAAC;qBACJ;iBACF;gBACD,MAAM,EAAE,CAAC;aACV;QACH,CAAC;KAAA;IAEK,eAAe,CAAC,SAAiB;;YACrC,MAAM,4BAAM,CAAC,KAAK,CAAC;YACnB,MAAM,KAAK,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAW,CAAC;YAClD,MAAM,UAAU,GAAG,8BAAQ,CAAC,kBAAU,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAEnE,MAAM,aAAa,GAAG,kBAAU,CAAC,4BAAM,CAAC,kBAAkB,CAAC,EAAE,EAAE,UAAU,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;YAC7F,IAAI,aAAa,KAAK,IAAI,CAAC,GAAG,EAAE;gBAC9B,MAAM,IAAI,KAAK,CACb;uBACe,SAAS;2BACL,IAAI,CAAC,GAAG;UACzB,CACH,CAAC;aACH;QACH,CAAC;KAAA;CACF;AAvHD,oCAuHC"}
|
package/dist/lib/version.js
CHANGED
|
@@ -2,10 +2,8 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.VERSION = void 0;
|
|
4
4
|
// IMPORTANT: THIS FILE IS AUTO GENERATED! DO NOT MANUALLY EDIT OR CHECKIN!
|
|
5
|
-
/* tslint:disable */
|
|
6
5
|
exports.VERSION = {
|
|
7
|
-
"commitHash": "
|
|
8
|
-
"version": "11.0.
|
|
6
|
+
"commitHash": "e03d983c780c7f96d8291ddd1251ea82f4581858",
|
|
7
|
+
"version": "11.2.0-beta-RC.0"
|
|
9
8
|
};
|
|
10
|
-
/* tslint:enable */
|
|
11
9
|
//# sourceMappingURL=version.js.map
|
package/dist/lib/version.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":";;;AACA,2EAA2E;
|
|
1
|
+
{"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/version.ts"],"names":[],"mappings":";;;AACA,2EAA2E;AAC9D,QAAA,OAAO,GAAG;IACnB,YAAY,EAAE,0CAA0C;IACxD,SAAS,EAAE,kBAAkB;CAChC,CAAC"}
|
|
@@ -0,0 +1,200 @@
|
|
|
1
|
+
import { HttpBackend, HttpResponseError, STATUS_CODE } from '@taquito/http-utils';
|
|
2
|
+
import { prefix, validateKeyHash, ValidationResult, InvalidKeyHashError, hex2buf, mergebuf, buf2hex, isValidPrefix, b58cdecode, verifySignature, b58cencode } from '@taquito/utils';
|
|
3
|
+
import sodium from 'libsodium-wrappers';
|
|
4
|
+
import toBuffer from 'typedarray-to-buffer';
|
|
5
|
+
|
|
6
|
+
/*! *****************************************************************************
|
|
7
|
+
Copyright (c) Microsoft Corporation.
|
|
8
|
+
|
|
9
|
+
Permission to use, copy, modify, and/or distribute this software for any
|
|
10
|
+
purpose with or without fee is hereby granted.
|
|
11
|
+
|
|
12
|
+
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
|
|
13
|
+
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
|
|
14
|
+
AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
|
|
15
|
+
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
|
|
16
|
+
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
|
|
17
|
+
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
|
18
|
+
PERFORMANCE OF THIS SOFTWARE.
|
|
19
|
+
***************************************************************************** */
|
|
20
|
+
|
|
21
|
+
function __awaiter(thisArg, _arguments, P, generator) {
|
|
22
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
23
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
24
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
25
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
26
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
27
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
28
|
+
});
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
class KeyNotFoundError extends Error {
|
|
32
|
+
constructor(message, innerException) {
|
|
33
|
+
super(message);
|
|
34
|
+
this.message = message;
|
|
35
|
+
this.innerException = innerException;
|
|
36
|
+
this.name = 'KeyNotFoundError';
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
class OperationNotAuthorizedError extends Error {
|
|
40
|
+
constructor(message, innerException) {
|
|
41
|
+
super(message);
|
|
42
|
+
this.message = message;
|
|
43
|
+
this.innerException = innerException;
|
|
44
|
+
this.name = 'OperationNotAuthorized';
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
class BadSigningDataError extends Error {
|
|
48
|
+
constructor(message, innerException, data) {
|
|
49
|
+
super(message);
|
|
50
|
+
this.message = message;
|
|
51
|
+
this.innerException = innerException;
|
|
52
|
+
this.data = data;
|
|
53
|
+
this.name = 'BadSigningData';
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
// IMPORTANT: THIS FILE IS AUTO GENERATED! DO NOT MANUALLY EDIT OR CHECKIN!
|
|
58
|
+
const VERSION = {
|
|
59
|
+
"commitHash": "e03d983c780c7f96d8291ddd1251ea82f4581858",
|
|
60
|
+
"version": "11.2.0-beta-RC.0"
|
|
61
|
+
};
|
|
62
|
+
|
|
63
|
+
const pref = {
|
|
64
|
+
ed: {
|
|
65
|
+
pk: prefix['edpk'],
|
|
66
|
+
sk: prefix['edsk'],
|
|
67
|
+
pkh: prefix.tz1,
|
|
68
|
+
sig: prefix.edsig,
|
|
69
|
+
},
|
|
70
|
+
p2: {
|
|
71
|
+
pk: prefix['p2pk'],
|
|
72
|
+
sk: prefix['p2sk'],
|
|
73
|
+
pkh: prefix.tz3,
|
|
74
|
+
sig: prefix.p2sig,
|
|
75
|
+
},
|
|
76
|
+
sp: {
|
|
77
|
+
pk: prefix['sppk'],
|
|
78
|
+
sk: prefix['spsk'],
|
|
79
|
+
pkh: prefix.tz2,
|
|
80
|
+
sig: prefix.spsig,
|
|
81
|
+
},
|
|
82
|
+
};
|
|
83
|
+
class RemoteSigner {
|
|
84
|
+
constructor(pkh, rootUrl, options = {}, http = new HttpBackend()) {
|
|
85
|
+
this.pkh = pkh;
|
|
86
|
+
this.rootUrl = rootUrl;
|
|
87
|
+
this.options = options;
|
|
88
|
+
this.http = http;
|
|
89
|
+
if (validateKeyHash(this.pkh) !== ValidationResult.VALID) {
|
|
90
|
+
throw new InvalidKeyHashError(`Invalid Public Key Hash: ${this.pkh}`);
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
publicKeyHash() {
|
|
94
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
95
|
+
return this.pkh;
|
|
96
|
+
});
|
|
97
|
+
}
|
|
98
|
+
createURL(path) {
|
|
99
|
+
// Trim trailing slashes because it is assumed to be included in path
|
|
100
|
+
return `${this.rootUrl.replace(/\/+$/g, '')}${path}`;
|
|
101
|
+
}
|
|
102
|
+
publicKey() {
|
|
103
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
104
|
+
try {
|
|
105
|
+
const { public_key } = yield this.http.createRequest({
|
|
106
|
+
url: this.createURL(`/keys/${this.pkh}`),
|
|
107
|
+
method: 'GET',
|
|
108
|
+
headers: this.options.headers,
|
|
109
|
+
});
|
|
110
|
+
return public_key;
|
|
111
|
+
}
|
|
112
|
+
catch (ex) {
|
|
113
|
+
if (ex instanceof HttpResponseError) {
|
|
114
|
+
if (ex.status === STATUS_CODE.NOT_FOUND) {
|
|
115
|
+
throw new KeyNotFoundError(`Key not found: ${this.pkh}`, ex);
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
throw ex;
|
|
119
|
+
}
|
|
120
|
+
});
|
|
121
|
+
}
|
|
122
|
+
secretKey() {
|
|
123
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
124
|
+
throw new Error('Secret key cannot be exposed');
|
|
125
|
+
});
|
|
126
|
+
}
|
|
127
|
+
sign(bytes, watermark) {
|
|
128
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
129
|
+
try {
|
|
130
|
+
let bb = hex2buf(bytes);
|
|
131
|
+
if (typeof watermark !== 'undefined') {
|
|
132
|
+
bb = mergebuf(watermark, bb);
|
|
133
|
+
}
|
|
134
|
+
const watermarkedBytes = buf2hex(toBuffer(bb));
|
|
135
|
+
const { signature } = yield this.http.createRequest({
|
|
136
|
+
url: this.createURL(`/keys/${this.pkh}`),
|
|
137
|
+
method: 'POST',
|
|
138
|
+
headers: this.options.headers,
|
|
139
|
+
}, watermarkedBytes);
|
|
140
|
+
const pref = signature.startsWith('sig')
|
|
141
|
+
? signature.substring(0, 3)
|
|
142
|
+
: signature.substring(0, 5);
|
|
143
|
+
if (!isValidPrefix(pref)) {
|
|
144
|
+
throw new Error(`Unsupported signature given by remote signer: ${signature}`);
|
|
145
|
+
}
|
|
146
|
+
const decoded = b58cdecode(signature, prefix[pref]);
|
|
147
|
+
const pk = yield this.publicKey();
|
|
148
|
+
yield this.verifyPublicKey(pk);
|
|
149
|
+
const signatureVerified = verifySignature(watermarkedBytes, pk, signature);
|
|
150
|
+
if (!signatureVerified) {
|
|
151
|
+
throw new Error(`Signature failed verification against public key:
|
|
152
|
+
{
|
|
153
|
+
bytes: ${watermarkedBytes},
|
|
154
|
+
signature: ${signature}
|
|
155
|
+
}`);
|
|
156
|
+
}
|
|
157
|
+
return {
|
|
158
|
+
bytes,
|
|
159
|
+
sig: b58cencode(decoded, prefix.sig),
|
|
160
|
+
prefixSig: signature,
|
|
161
|
+
sbytes: bytes + buf2hex(toBuffer(decoded)),
|
|
162
|
+
};
|
|
163
|
+
}
|
|
164
|
+
catch (ex) {
|
|
165
|
+
if (ex instanceof HttpResponseError) {
|
|
166
|
+
if (ex.status === STATUS_CODE.NOT_FOUND) {
|
|
167
|
+
throw new KeyNotFoundError(`Key not found: ${this.pkh}`, ex);
|
|
168
|
+
}
|
|
169
|
+
else if (ex.status === STATUS_CODE.FORBIDDEN) {
|
|
170
|
+
throw new OperationNotAuthorizedError('Signing Operation not authorized', ex);
|
|
171
|
+
}
|
|
172
|
+
else if (ex.status === STATUS_CODE.BAD_REQUEST) {
|
|
173
|
+
throw new BadSigningDataError('Invalid data', ex, {
|
|
174
|
+
bytes,
|
|
175
|
+
watermark,
|
|
176
|
+
});
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
throw ex;
|
|
180
|
+
}
|
|
181
|
+
});
|
|
182
|
+
}
|
|
183
|
+
verifyPublicKey(publicKey) {
|
|
184
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
185
|
+
yield sodium.ready;
|
|
186
|
+
const curve = publicKey.substring(0, 2);
|
|
187
|
+
const _publicKey = toBuffer(b58cdecode(publicKey, pref[curve].pk));
|
|
188
|
+
const publicKeyHash = b58cencode(sodium.crypto_generichash(20, _publicKey), pref[curve].pkh);
|
|
189
|
+
if (publicKeyHash !== this.pkh) {
|
|
190
|
+
throw new Error(`Requested public key does not match the initialized public key hash: {
|
|
191
|
+
publicKey: ${publicKey},
|
|
192
|
+
publicKeyHash: ${this.pkh}
|
|
193
|
+
}`);
|
|
194
|
+
}
|
|
195
|
+
});
|
|
196
|
+
}
|
|
197
|
+
}
|
|
198
|
+
|
|
199
|
+
export { RemoteSigner, VERSION };
|
|
200
|
+
//# sourceMappingURL=taquito-remote-signer.es6.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"taquito-remote-signer.es6.js","sources":["../src/errors.ts","../src/version.ts","../src/taquito-remote-signer.ts"],"sourcesContent":["export class KeyNotFoundError extends Error {\n public name = 'KeyNotFoundError';\n constructor(public message: string, public innerException: any) {\n super(message);\n }\n}\n\nexport class OperationNotAuthorizedError extends Error {\n public name = 'OperationNotAuthorized';\n constructor(public message: string, public innerException: any) {\n super(message);\n }\n}\n\nexport class BadSigningDataError extends Error {\n public name = 'BadSigningData';\n constructor(public message: string, public innerException: any, public readonly data: any) {\n super(message);\n }\n}\n","\n// IMPORTANT: THIS FILE IS AUTO GENERATED! DO NOT MANUALLY EDIT OR CHECKIN!\nexport const VERSION = {\n \"commitHash\": \"e03d983c780c7f96d8291ddd1251ea82f4581858\",\n \"version\": \"11.2.0-beta-RC.0\"\n};\n","/**\n * @packageDocumentation\n * @module @taquito/remote-signer\n */\nimport { HttpBackend, HttpResponseError, STATUS_CODE } from '@taquito/http-utils';\nimport {\n b58cdecode,\n b58cencode,\n buf2hex,\n hex2buf,\n isValidPrefix,\n mergebuf,\n prefix,\n verifySignature,\n validateKeyHash,\n ValidationResult,\n InvalidKeyHashError\n} from '@taquito/utils';\n\nimport sodium from 'libsodium-wrappers';\nimport toBuffer from 'typedarray-to-buffer';\nimport { BadSigningDataError, KeyNotFoundError, OperationNotAuthorizedError } from './errors';\nimport { Signer } from '@taquito/taquito';\n\ninterface PublicKeyResponse {\n public_key: string;\n}\n\ninterface SignResponse {\n signature: string;\n}\n\ntype curves = 'ed' | 'p2' | 'sp';\n\nexport interface RemoteSignerOptions {\n headers?: { [key: string]: string };\n}\n\nexport { VERSION } from './version';\n\nconst pref = {\n ed: {\n pk: prefix['edpk'],\n sk: prefix['edsk'],\n pkh: prefix.tz1,\n sig: prefix.edsig,\n },\n p2: {\n pk: prefix['p2pk'],\n sk: prefix['p2sk'],\n pkh: prefix.tz3,\n sig: prefix.p2sig,\n },\n sp: {\n pk: prefix['sppk'],\n sk: prefix['spsk'],\n pkh: prefix.tz2,\n sig: prefix.spsig,\n },\n};\n\nexport class RemoteSigner implements Signer {\n constructor(\n private pkh: string,\n private rootUrl: string,\n private options: RemoteSignerOptions = {},\n private http = new HttpBackend()\n ) {\n if (validateKeyHash(this.pkh) !== ValidationResult.VALID) {\n throw new InvalidKeyHashError(`Invalid Public Key Hash: ${this.pkh}`);\n }\n }\n\n async publicKeyHash(): Promise<string> {\n return this.pkh;\n }\n\n private createURL(path: string) {\n // Trim trailing slashes because it is assumed to be included in path\n return `${this.rootUrl.replace(/\\/+$/g, '')}${path}`;\n }\n\n async publicKey(): Promise<string> {\n try {\n const { public_key } = await this.http.createRequest<PublicKeyResponse>({\n url: this.createURL(`/keys/${this.pkh}`),\n method: 'GET',\n headers: this.options.headers,\n });\n return public_key;\n } catch (ex) {\n if (ex instanceof HttpResponseError) {\n if (ex.status === STATUS_CODE.NOT_FOUND) {\n throw new KeyNotFoundError(`Key not found: ${this.pkh}`, ex);\n }\n }\n throw ex;\n }\n }\n\n async secretKey(): Promise<string> {\n throw new Error('Secret key cannot be exposed');\n }\n\n async sign(bytes: string, watermark?: Uint8Array) {\n try {\n let bb = hex2buf(bytes);\n if (typeof watermark !== 'undefined') {\n bb = mergebuf(watermark, bb);\n }\n const watermarkedBytes = buf2hex(toBuffer(bb));\n const { signature } = await this.http.createRequest<SignResponse>(\n {\n url: this.createURL(`/keys/${this.pkh}`),\n method: 'POST',\n headers: this.options.headers,\n },\n watermarkedBytes\n );\n const pref = signature.startsWith('sig')\n ? signature.substring(0, 3)\n : signature.substring(0, 5);\n\n if (!isValidPrefix(pref)) {\n throw new Error(`Unsupported signature given by remote signer: ${signature}`);\n }\n\n const decoded = b58cdecode(signature, prefix[pref]);\n\n const pk = await this.publicKey();\n await this.verifyPublicKey(pk);\n const signatureVerified = verifySignature(watermarkedBytes, pk, signature);\n if (!signatureVerified) {\n throw new Error(\n `Signature failed verification against public key:\n {\n bytes: ${watermarkedBytes},\n signature: ${signature}\n }`\n );\n }\n\n return {\n bytes,\n sig: b58cencode(decoded, prefix.sig),\n prefixSig: signature,\n sbytes: bytes + buf2hex(toBuffer(decoded)),\n };\n } catch (ex) {\n if (ex instanceof HttpResponseError) {\n if (ex.status === STATUS_CODE.NOT_FOUND) {\n throw new KeyNotFoundError(`Key not found: ${this.pkh}`, ex);\n } else if (ex.status === STATUS_CODE.FORBIDDEN) {\n throw new OperationNotAuthorizedError('Signing Operation not authorized', ex);\n } else if (ex.status === STATUS_CODE.BAD_REQUEST) {\n throw new BadSigningDataError('Invalid data', ex, {\n bytes,\n watermark,\n });\n }\n }\n throw ex;\n }\n }\n\n async verifyPublicKey(publicKey: string) {\n await sodium.ready;\n const curve = publicKey.substring(0, 2) as curves;\n const _publicKey = toBuffer(b58cdecode(publicKey, pref[curve].pk));\n\n const publicKeyHash = b58cencode(sodium.crypto_generichash(20, _publicKey), pref[curve].pkh);\n if (publicKeyHash !== this.pkh) {\n throw new Error(\n `Requested public key does not match the initialized public key hash: {\n publicKey: ${publicKey},\n publicKeyHash: ${this.pkh}\n }`\n );\n }\n }\n}\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAa,gBAAiB,SAAQ,KAAK;IAEzC,YAAmB,OAAe,EAAS,cAAmB;QAC5D,KAAK,CAAC,OAAO,CAAC,CAAC;QADE,YAAO,GAAP,OAAO,CAAQ;QAAS,mBAAc,GAAd,cAAc,CAAK;QADvD,SAAI,GAAG,kBAAkB,CAAC;KAGhC;CACF;MAEY,2BAA4B,SAAQ,KAAK;IAEpD,YAAmB,OAAe,EAAS,cAAmB;QAC5D,KAAK,CAAC,OAAO,CAAC,CAAC;QADE,YAAO,GAAP,OAAO,CAAQ;QAAS,mBAAc,GAAd,cAAc,CAAK;QADvD,SAAI,GAAG,wBAAwB,CAAC;KAGtC;CACF;MAEY,mBAAoB,SAAQ,KAAK;IAE5C,YAAmB,OAAe,EAAS,cAAmB,EAAkB,IAAS;QACvF,KAAK,CAAC,OAAO,CAAC,CAAC;QADE,YAAO,GAAP,OAAO,CAAQ;QAAS,mBAAc,GAAd,cAAc,CAAK;QAAkB,SAAI,GAAJ,IAAI,CAAK;QADlF,SAAI,GAAG,gBAAgB,CAAC;KAG9B;;;ACjBH;MACa,OAAO,GAAG;IACnB,YAAY,EAAE,0CAA0C;IACxD,SAAS,EAAE,kBAAkB;;;ACoCjC,MAAM,IAAI,GAAG;IACX,EAAE,EAAE;QACF,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;QAClB,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;QAClB,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,GAAG,EAAE,MAAM,CAAC,KAAK;KAClB;IACD,EAAE,EAAE;QACF,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;QAClB,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;QAClB,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,GAAG,EAAE,MAAM,CAAC,KAAK;KAClB;IACD,EAAE,EAAE;QACF,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;QAClB,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;QAClB,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,GAAG,EAAE,MAAM,CAAC,KAAK;KAClB;CACF,CAAC;MAEW,YAAY;IACvB,YACU,GAAW,EACX,OAAe,EACf,UAA+B,EAAE,EACjC,OAAO,IAAI,WAAW,EAAE;QAHxB,QAAG,GAAH,GAAG,CAAQ;QACX,YAAO,GAAP,OAAO,CAAQ;QACf,YAAO,GAAP,OAAO,CAA0B;QACjC,SAAI,GAAJ,IAAI,CAAoB;QAEhC,IAAI,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,gBAAgB,CAAC,KAAK,EAAE;YACxD,MAAO,IAAI,mBAAmB,CAAC,4BAA4B,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;SACxE;KACF;IAEK,aAAa;;YACjB,OAAO,IAAI,CAAC,GAAG,CAAC;SACjB;KAAA;IAEO,SAAS,CAAC,IAAY;;QAE5B,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC;KACtD;IAEK,SAAS;;YACb,IAAI;gBACF,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,aAAa,CAAoB;oBACtE,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC;oBACxC,MAAM,EAAE,KAAK;oBACb,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;iBAC9B,CAAC,CAAC;gBACH,OAAO,UAAU,CAAC;aACnB;YAAC,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,YAAY,iBAAiB,EAAE;oBACnC,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,SAAS,EAAE;wBACvC,MAAM,IAAI,gBAAgB,CAAC,kBAAkB,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC;qBAC9D;iBACF;gBACD,MAAM,EAAE,CAAC;aACV;SACF;KAAA;IAEK,SAAS;;YACb,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;SACjD;KAAA;IAEK,IAAI,CAAC,KAAa,EAAE,SAAsB;;YAC9C,IAAI;gBACF,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;gBACxB,IAAI,OAAO,SAAS,KAAK,WAAW,EAAE;oBACpC,EAAE,GAAG,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;iBAC9B;gBACD,MAAM,gBAAgB,GAAG,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC/C,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,aAAa,CACjD;oBACE,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC;oBACxC,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;iBAC9B,EACD,gBAAgB,CACjB,CAAC;gBACF,MAAM,IAAI,GAAG,SAAS,CAAC,UAAU,CAAC,KAAK,CAAC;sBACpC,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC;sBACzB,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAE9B,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE;oBACxB,MAAM,IAAI,KAAK,CAAC,iDAAiD,SAAS,EAAE,CAAC,CAAC;iBAC/E;gBAED,MAAM,OAAO,GAAG,UAAU,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;gBAEpD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;gBAClC,MAAM,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;gBAC/B,MAAM,iBAAiB,GAAG,eAAe,CAAC,gBAAgB,EAAE,EAAE,EAAE,SAAS,CAAC,CAAC;gBAC3E,IAAI,CAAC,iBAAiB,EAAE;oBACtB,MAAM,IAAI,KAAK,CACb;;qBAEW,gBAAgB;yBACZ,SAAS;YACtB,CACH,CAAC;iBACH;gBAED,OAAO;oBACL,KAAK;oBACL,GAAG,EAAE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC;oBACpC,SAAS,EAAE,SAAS;oBACpB,MAAM,EAAE,KAAK,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;iBAC3C,CAAC;aACH;YAAC,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,YAAY,iBAAiB,EAAE;oBACnC,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,SAAS,EAAE;wBACvC,MAAM,IAAI,gBAAgB,CAAC,kBAAkB,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC;qBAC9D;yBAAM,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,SAAS,EAAE;wBAC9C,MAAM,IAAI,2BAA2B,CAAC,kCAAkC,EAAE,EAAE,CAAC,CAAC;qBAC/E;yBAAM,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,WAAW,EAAE;wBAChD,MAAM,IAAI,mBAAmB,CAAC,cAAc,EAAE,EAAE,EAAE;4BAChD,KAAK;4BACL,SAAS;yBACV,CAAC,CAAC;qBACJ;iBACF;gBACD,MAAM,EAAE,CAAC;aACV;SACF;KAAA;IAEK,eAAe,CAAC,SAAiB;;YACrC,MAAM,MAAM,CAAC,KAAK,CAAC;YACnB,MAAM,KAAK,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAW,CAAC;YAClD,MAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAEnE,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,kBAAkB,CAAC,EAAE,EAAE,UAAU,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;YAC7F,IAAI,aAAa,KAAK,IAAI,CAAC,GAAG,EAAE;gBAC9B,MAAM,IAAI,KAAK,CACb;uBACe,SAAS;2BACL,IAAI,CAAC,GAAG;UACzB,CACH,CAAC;aACH;SACF;KAAA;;;;;"}
|