hd-wallet-wasm 2.0.20 → 2.0.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/epm-attestation.mjs +26 -8
package/package.json
CHANGED
package/src/epm-attestation.mjs
CHANGED
|
@@ -212,17 +212,25 @@ export function buildEPMSigningContent(epm) {
|
|
|
212
212
|
}
|
|
213
213
|
|
|
214
214
|
/**
|
|
215
|
-
* Sign EPM content
|
|
215
|
+
* Sign EPM content. Default curve is ed25519 (fast, the network default); pass
|
|
216
|
+
* `{ curve: 'secp256k1' }` to sign with secp256k1 (ECDSA-DER over sha256(content),
|
|
217
|
+
* byte-compatible with the Go/C++ EPM verifiers). The content canonicalization is
|
|
218
|
+
* identical for both curves; only the signature differs.
|
|
216
219
|
*
|
|
217
220
|
* @param {Object} wallet - Initialized HDWalletModule
|
|
218
221
|
* @param {Object} epm - EPM fields as a plain object (without SIGNATURE/SIGNATURE_TIMESTAMP)
|
|
219
|
-
* @param {Uint8Array}
|
|
222
|
+
* @param {Uint8Array} privateKey - 32-byte private key (ed25519 seed or secp256k1 key)
|
|
223
|
+
* @param {{ curve?: 'ed25519'|'secp256k1' }} [options]
|
|
220
224
|
* @returns {{ signature: string, timestamp: number }} Hex signature and Unix timestamp
|
|
221
225
|
*/
|
|
222
|
-
export function signEPMContent(wallet, epm,
|
|
226
|
+
export function signEPMContent(wallet, epm, privateKey, options = {}) {
|
|
227
|
+
const curve = String(options.curve || 'ed25519').toLowerCase();
|
|
223
228
|
const timestamp = Math.floor(Date.now() / 1000);
|
|
224
229
|
const content = buildEPMSigningContent({ ...epm, SIGNATURE_TIMESTAMP: timestamp });
|
|
225
|
-
const sig =
|
|
230
|
+
const sig =
|
|
231
|
+
curve === 'secp256k1'
|
|
232
|
+
? wallet.curves.secp256k1.sign(wallet.utils.sha256(content), privateKey)
|
|
233
|
+
: wallet.curves.ed25519.sign(content, privateKey);
|
|
226
234
|
return {
|
|
227
235
|
signature: wallet.utils.encodeHex(sig),
|
|
228
236
|
timestamp,
|
|
@@ -230,20 +238,30 @@ export function signEPMContent(wallet, epm, ed25519PrivateKey) {
|
|
|
230
238
|
}
|
|
231
239
|
|
|
232
240
|
/**
|
|
233
|
-
* Verify an EPM content signature.
|
|
241
|
+
* Verify an EPM content signature. Dispatches on the explicit `options.curve`,
|
|
242
|
+
* else infers from the public key length (32 = ed25519; 33/65 = secp256k1).
|
|
243
|
+
* secp256k1 is verified as ECDSA-DER over sha256(content), matching signEPMContent
|
|
244
|
+
* and the Go/C++ verifiers.
|
|
234
245
|
*
|
|
235
246
|
* @param {Object} wallet - Initialized HDWalletModule
|
|
236
247
|
* @param {Object} epm - Full EPM object including SIGNATURE and SIGNATURE_TIMESTAMP
|
|
237
|
-
* @param {Uint8Array}
|
|
248
|
+
* @param {Uint8Array} publicKey - ed25519 (32B) or secp256k1 (33/65B) public key
|
|
249
|
+
* @param {{ curve?: 'ed25519'|'secp256k1' }} [options]
|
|
238
250
|
* @returns {boolean} True if signature is valid
|
|
239
251
|
*/
|
|
240
|
-
export function verifyEPMSignature(wallet, epm,
|
|
252
|
+
export function verifyEPMSignature(wallet, epm, publicKey, options = {}) {
|
|
241
253
|
const sigHex = epm.SIGNATURE || epm.signature;
|
|
242
254
|
if (!sigHex) return false;
|
|
243
255
|
|
|
244
256
|
const content = buildEPMSigningContent(epm);
|
|
245
257
|
const sig = wallet.utils.decodeHex(sigHex);
|
|
246
|
-
|
|
258
|
+
const curve = String(
|
|
259
|
+
options.curve || (publicKey && publicKey.length === 32 ? 'ed25519' : 'secp256k1'),
|
|
260
|
+
).toLowerCase();
|
|
261
|
+
if (curve === 'secp256k1') {
|
|
262
|
+
return wallet.curves.secp256k1.verify(wallet.utils.sha256(content), sig, publicKey);
|
|
263
|
+
}
|
|
264
|
+
return wallet.curves.ed25519.verify(content, sig, publicKey);
|
|
247
265
|
}
|
|
248
266
|
|
|
249
267
|
// =============================================================================
|