ns-auth-sdk 1.14.1 → 1.14.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/browser-index.cjs +24 -24
  2. package/dist/browser-index.cjs.map +1 -1
  3. package/dist/browser-index.d.cts.map +1 -1
  4. package/dist/browser-index.mjs +8 -8
  5. package/dist/browser-index.mjs.map +1 -1
  6. package/dist/index.cjs +24 -24
  7. package/dist/index.cjs.map +1 -1
  8. package/dist/index.mjs +8 -8
  9. package/dist/index.mjs.map +1 -1
  10. package/package.json +1 -1
package/dist/browser-index.cjs CHANGED
@@ -6,11 +6,11 @@ const require_prf_handler = require('./prf-handler-BNd7gmXJ.cjs');
6
6
  const require_group_coordination = require('./group-coordination-DL39hJ3R.cjs');
7
7
  const require_zkm_service = require('./zkm.service-DX06sSfB.cjs');
8
8
  let applesauce_core_helpers = require("applesauce-core/helpers");
9
- let _noble_curves_secp256k1 = require("@noble/curves/secp256k1");
10
- let _noble_hashes_sha256 = require("@noble/hashes/sha256");
11
- let _noble_hashes_pbkdf2 = require("@noble/hashes/pbkdf2");
12
- let _noble_ciphers_aes = require("@noble/ciphers/aes");
13
- let _noble_hashes_utils = require("@noble/hashes/utils");
9
+ let _noble_curves_secp256k1_js = require("@noble/curves/secp256k1.js");
10
+ let _noble_hashes_sha2_js = require("@noble/hashes/sha2.js");
11
+ let _noble_hashes_pbkdf2_js = require("@noble/hashes/pbkdf2.js");
12
+ let _noble_ciphers_aes_js = require("@noble/ciphers/aes.js");
13
+ let _noble_hashes_utils_js = require("@noble/hashes/utils.js");
14
14
 
15
15
  //#region src/utils/utils.ts
16
16
  /**
@@ -183,7 +183,7 @@ var KeyCache = class {
183
183
  * This implementation uses @noble libraries for cryptographic operations,
184
184
  * ensuring functionality even when Web Crypto API is unavailable.
185
185
  */
186
- const aesGcm = _noble_ciphers_aes.gcm;
186
+ const aesGcm = _noble_ciphers_aes_js.gcm;
187
187
  function toBase64(bytes) {
188
188
  let binary = "";
189
189
  for (let i = 0; i < bytes.byteLength; i++) binary += String.fromCharCode(bytes[i]);
@@ -214,14 +214,14 @@ async function checkPRFSupport() {
214
214
  }
215
215
  }
216
216
  async function generatePasswordProtectedKey(password) {
217
- const privateKey = _noble_curves_secp256k1.secp256k1.utils.randomPrivateKey();
218
- const publicKeySpkiBase64 = toBase64(_noble_curves_secp256k1.secp256k1.getPublicKey(privateKey));
219
- const salt = (0, _noble_hashes_utils.randomBytes)(16);
220
- const derivedKey = (0, _noble_hashes_pbkdf2.pbkdf2)(_noble_hashes_sha256.sha256, new TextEncoder().encode(password), salt, {
217
+ const privateKey = _noble_curves_secp256k1_js.secp256k1.utils.randomPrivateKey();
218
+ const publicKeySpkiBase64 = toBase64(_noble_curves_secp256k1_js.secp256k1.getPublicKey(privateKey));
219
+ const salt = (0, _noble_hashes_utils_js.randomBytes)(16);
220
+ const derivedKey = (0, _noble_hashes_pbkdf2_js.pbkdf2)(_noble_hashes_sha2_js.sha256, new TextEncoder().encode(password), salt, {
221
221
  c: 1e5,
222
222
  dkLen: 32
223
223
  });
224
- const iv = (0, _noble_hashes_utils.randomBytes)(12);
224
+ const iv = (0, _noble_hashes_utils_js.randomBytes)(12);
225
225
  return {
226
226
  publicKeySpkiBase64,
227
227
  wrappedPrivateKeyBase64: toBase64(aesGcm(derivedKey, iv).encrypt(privateKey)),
@@ -231,7 +231,7 @@ async function generatePasswordProtectedKey(password) {
231
231
  }
232
232
  async function unwrapPasswordProtectedPrivateKey(bundle, password) {
233
233
  const salt = fromBase64(bundle.saltBase64);
234
- const derivedKey = (0, _noble_hashes_pbkdf2.pbkdf2)(_noble_hashes_sha256.sha256, new TextEncoder().encode(password), salt, {
234
+ const derivedKey = (0, _noble_hashes_pbkdf2_js.pbkdf2)(_noble_hashes_sha2_js.sha256, new TextEncoder().encode(password), salt, {
235
235
  c: 1e5,
236
236
  dkLen: 32
237
237
  });
@@ -244,7 +244,7 @@ function importPublicKeyFromBundle(bundle) {
244
244
  }
245
245
  const DEFAULT_SALT = "nostr-key-derivation";
246
246
  function deriveNostrPrivateKey(password, salt = DEFAULT_SALT) {
247
- return (0, _noble_hashes_pbkdf2.pbkdf2)(_noble_hashes_sha256.sha256, new TextEncoder().encode(password), new TextEncoder().encode(salt), {
247
+ return (0, _noble_hashes_pbkdf2_js.pbkdf2)(_noble_hashes_sha2_js.sha256, new TextEncoder().encode(password), new TextEncoder().encode(salt), {
248
248
  c: 1e5,
249
249
  dkLen: 32
250
250
  });
@@ -493,7 +493,7 @@ async function aesGcmDecrypt(key, iv, ct, tag) {
493
493
  */
494
494
  function deriveSaltFromUsername(username) {
495
495
  if (!username) return "";
496
- const hashBuffer = (0, _noble_hashes_sha256.sha256)(new TextEncoder().encode(username.toLowerCase().trim()));
496
+ const hashBuffer = (0, _noble_hashes_sha2_js.sha256)(new TextEncoder().encode(username.toLowerCase().trim()));
497
497
  return bytesToHex(new Uint8Array(hashBuffer));
498
498
  }
499
499
  function parseRecoveryTag(tags) {
@@ -526,10 +526,10 @@ async function verifyRecoverySignature(kind0) {
526
526
  if (!parseRecoveryTag(kind0.tags || [])) return false;
527
527
  const signature = getRecoverySignature(kind0);
528
528
  if (!signature || !kind0.pubkey) return false;
529
- const messageHash = (0, _noble_hashes_sha256.sha256)(new TextEncoder().encode(kind0.pubkey));
529
+ const messageHash = (0, _noble_hashes_sha2_js.sha256)(new TextEncoder().encode(kind0.pubkey));
530
530
  const signatureBytes = hexToBytes(signature);
531
531
  const pubkeyBytes = hexToBytes(kind0.pubkey);
532
- return _noble_curves_secp256k1.secp256k1.verify(signatureBytes, messageHash, pubkeyBytes);
532
+ return _noble_curves_secp256k1_js.secp256k1.verify(signatureBytes, messageHash, pubkeyBytes);
533
533
  } catch (e) {
534
534
  return false;
535
535
  }
@@ -10876,7 +10876,7 @@ async function verifyEUDITag(kind0Event) {
10876
10876
  const signatureBytes = Uint8Array.from(atob(claims.signature), (c) => c.charCodeAt(0));
10877
10877
  const messageBytes = new TextEncoder().encode(message);
10878
10878
  const pubkeyBytes = hexToBytes$3(pubkey);
10879
- const { secp256k1: secp256k1$3 } = await import("@noble/curves/secp256k1");
10879
+ const { secp256k1: secp256k1$3 } = await import("@noble/curves/secp256k1.js");
10880
10880
  if (!secp256k1$3.verify(signatureBytes, messageBytes, pubkeyBytes)) return {
10881
10881
  type: "eudi",
10882
10882
  valid: false,
@@ -11237,7 +11237,7 @@ function parseSiopAuthorizationRequest(url) {
11237
11237
  async function generateSiopIdToken(config) {
11238
11238
  const { secretKey, nonce, clientId, redirectUri, idTokenType, claims, clientMetadata } = config;
11239
11239
  if (!nonce) throw new Error("nonce is required for SIOP v2 ID Token");
11240
- const did = pubkeyToDid(bytesToHex$1(_noble_curves_secp256k1.secp256k1.getPublicKey(secretKey).slice(1)));
11240
+ const did = pubkeyToDid(bytesToHex$1(_noble_curves_secp256k1_js.secp256k1.getPublicKey(secretKey).slice(1)));
11241
11241
  const aud = clientId || redirectUri || getDefaultIssuer();
11242
11242
  const now = Math.floor(Date.now() / 1e3);
11243
11243
  const payload = {
@@ -11257,8 +11257,8 @@ async function generateSiopIdToken(config) {
11257
11257
  kid: `${did}#key1`
11258
11258
  };
11259
11259
  const signingInput = `${base64urlEncode$1(new TextEncoder().encode(JSON.stringify(header)))}.${base64urlEncode$1(new TextEncoder().encode(JSON.stringify(payload)))}`;
11260
- const messageHash = (0, _noble_hashes_sha256.sha256)(new TextEncoder().encode(signingInput));
11261
- return `${signingInput}.${base64urlEncode$1(_noble_curves_secp256k1.secp256k1.sign(messageHash, secretKey).toCompactRawBytes())}`;
11260
+ const messageHash = (0, _noble_hashes_sha2_js.sha256)(new TextEncoder().encode(signingInput));
11261
+ return `${signingInput}.${base64urlEncode$1(_noble_curves_secp256k1_js.secp256k1.sign(messageHash, secretKey).toCompactRawBytes())}`;
11262
11262
  }
11263
11263
  /**
11264
11264
  * Verify a SIOP v2 Self-Issued ID Token
@@ -11293,14 +11293,14 @@ async function verifySiopIdToken(token) {
11293
11293
  };
11294
11294
  const pubkeyXOnly = hexToBytes$1(sub.slice(10));
11295
11295
  const signingInput = `${headerEncoded}.${payloadEncoded}`;
11296
- const messageHash = (0, _noble_hashes_sha256.sha256)(new TextEncoder().encode(signingInput));
11296
+ const messageHash = (0, _noble_hashes_sha2_js.sha256)(new TextEncoder().encode(signingInput));
11297
11297
  const signatureBytes = base64urlDecode$1(signatureEncoded);
11298
11298
  let isValid = false;
11299
11299
  for (const prefix of [2, 3]) {
11300
11300
  const pubkeyBytes = new Uint8Array(33);
11301
11301
  pubkeyBytes[0] = prefix;
11302
11302
  pubkeyBytes.set(pubkeyXOnly, 1);
11303
- if (_noble_curves_secp256k1.secp256k1.verify(signatureBytes, messageHash, pubkeyBytes)) {
11303
+ if (_noble_curves_secp256k1_js.secp256k1.verify(signatureBytes, messageHash, pubkeyBytes)) {
11304
11304
  isValid = true;
11305
11305
  break;
11306
11306
  }
@@ -13222,8 +13222,8 @@ var EUDIService = class {
13222
13222
  const payloadObj = JSON.parse(new TextDecoder().decode(payload));
13223
13223
  const holderDID = payloadObj.iss || payloadObj.sub || "";
13224
13224
  if (!holderDID) throw new Error("No holderDID found in VP token");
13225
- const sha256$1 = (await import("@noble/hashes/sha256")).sha256;
13226
- const bytesToHex$4 = (await import("@noble/hashes/utils")).bytesToHex;
13225
+ const sha256$1 = (await import("@noble/hashes/sha2.js")).sha256;
13226
+ const bytesToHex$4 = (await import("@noble/hashes/utils.js")).bytesToHex;
13227
13227
  const uniqueIdentifier = bytesToHex$4(sha256$1(new TextEncoder().encode(holderDID))).slice(0, 16);
13228
13228
  let nationality = "";
13229
13229
  let isOver18 = false;