Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@cardano-foundation/cardano-verify-datasignature
Advanced tools
@cardano-foundation/cardano-verify-datasignature - npm Package Compare versions
Comparing version 1.0.7 to 1.0.8
| # Changelog | ||
| ## [1.0.8](https://github.com/cardano-foundation/cardano-verify-datasignature/compare/v1.0.7...v1.0.8) (2022-12-19) | ||
| ### Features | ||
| * add more testcases to check if all cases of [#9](https://github.com/cardano-foundation/cardano-verify-datasignature/issues/9) and [#11](https://github.com/cardano-foundation/cardano-verify-datasignature/issues/11) are now handled correctly ([510e10d](https://github.com/cardano-foundation/cardano-verify-datasignature/commit/510e10dac49f155a65286ba5b48a90ee5257ebf4)) | ||
| ## [1.0.7](https://github.com/cardano-foundation/cardano-verify-datasignature/compare/v1.0.6...v1.0.7) (2022-12-18) | ||
@@ -4,0 +11,0 @@ |
| import verifySignature from './index'; | ||
| import { blake2bHex } from 'blakejs'; | ||
@@ -105,3 +106,3 @@ describe('testing signature verification', () => { | ||
| test('check signature with clear text message but payload is null should be false', () => { | ||
| test('check signature with plain text message but payload is null should be false', () => { | ||
| const signature = | ||
@@ -113,2 +114,30 @@ '84582aa201276761646472657373581d617863b5c43bdf0a06608abc82f0573a549714ff69166074dcdde393d8a166686173686564f4f65840fc58155f0cee05bc00e7299af1df1f159ac82a46a055786b259657934eff346eec81349d4678ceabc79f213c66a2bdbfd4ea5d9ebdc630bee5ac9cce75cfc001'; | ||
| }); | ||
| test('check signature with plain text message but empty payload should be false', () => { | ||
| const signature = | ||
| '84582aa201276761646472657373581de118987c1612069d4080a0eb247820cb987fea81bddeaafdd41f996281a166686173686564f4405840be14facd63cb33fcfd2a955848ce820f1f479813cdda6dde5d0b57ac1cb86b00a9f3ee4826741a28aa01299cc8985e7019d16ae7ab74ae7bea31f6790de20308'; | ||
| const key = | ||
| 'a4010103272006215820b89526fd6bf4ba737c55ea90670d16a27f8de6cc1982349b3b676705a2f420c6'; | ||
| expect(verifySignature(signature, key, 'Hello World')).toBe(false); | ||
| }); | ||
| test('hashed payload with plain text message that should be valid and return true', () => { | ||
| const signature = | ||
| '84582aa201276761646472657373581de0c13582aec9a44fcc6d984be003c5058c660e1d2ff1370fd8b49ba73fa166686173686564f5581c40843181253eb1ff2258ab39c3463ec0edf5e713b73c5482c0ca798f5840a4cdec07ba8c1184aa74d1c3516fc6602a35d2db847510cf98c102653c15c7664f136314f920150a081870aef77ed49780ca58873bd5d62e744b968a89435906'; | ||
| const key = | ||
| 'a40101032720062158209be513df12b3fabe7c1b8c3f9fab0968eb2168d5689bf981c2f7c35b11718b27'; | ||
| const message = 'Hello world'; | ||
| expect(verifySignature(signature, key, message)).toBe(true); | ||
| }); | ||
| test('hashed payload with hashed text message that should be valid and return true', () => { | ||
| const signature = | ||
| '84582aa201276761646472657373581de0c13582aec9a44fcc6d984be003c5058c660e1d2ff1370fd8b49ba73fa166686173686564f5581c40843181253eb1ff2258ab39c3463ec0edf5e713b73c5482c0ca798f5840a4cdec07ba8c1184aa74d1c3516fc6602a35d2db847510cf98c102653c15c7664f136314f920150a081870aef77ed49780ca58873bd5d62e744b968a89435906'; | ||
| const key = | ||
| 'a40101032720062158209be513df12b3fabe7c1b8c3f9fab0968eb2168d5689bf981c2f7c35b11718b27'; | ||
| const message = blake2bHex('Hello world', undefined, 28); // 28 * 8 bit = 224 bit | ||
| expect(verifySignature(signature, key, message)).toBe(true); | ||
| }); | ||
| }); |
17
index.ts
@@ -1,2 +0,2 @@ | ||
| import { Bip32PublicKey, PublicKey } from '@stricahq/bip32ed25519'; | ||
| import { Bip32PublicKey } from '@stricahq/bip32ed25519'; | ||
| import { getPublicKeyFromCoseKey, CoseSign1 } from '@stricahq/cip08'; | ||
@@ -6,2 +6,3 @@ import { Decoder } from '@stricahq/cbors'; | ||
| import { utils } from '@stricahq/typhonjs'; | ||
| import { blake2bHex } from 'blakejs'; | ||
@@ -49,4 +50,16 @@ const Network = { | ||
| if (payload && payload.toString('utf8') !== message) { | ||
| const unprotectedMap: Map<any, any> = decoded?.value[1]; | ||
| const isHashed = | ||
| unprotectedMap && unprotectedMap.get('hashed') | ||
| ? unprotectedMap.get('hashed') | ||
| : false; | ||
| if (isHashed && !/^[0-9a-fA-F]+$/.test(message)) { | ||
| message = blake2bHex(message, undefined, 28); // 28 * 8 bit = 224 bit ~> blake2b224 | ||
| } | ||
| if (isHashed && payload && payload.toString('hex') !== message) { | ||
| return false; | ||
| } else if (!isHashed && payload && payload.toString('utf8') !== message) { | ||
| return false; | ||
| } | ||
@@ -53,0 +66,0 @@ } |
| { | ||
| "name": "@cardano-foundation/cardano-verify-datasignature", | ||
| "version": "1.0.7", | ||
| "version": "1.0.8", | ||
| "description": "A lightweight typescript library to verify a cip30 datasignature for browser and nodejs", | ||
@@ -37,4 +37,5 @@ "main": "dist/index.js", | ||
| "@stricahq/cip08": "^1.0.4", | ||
| "blakejs": "^1.2.1", | ||
| "@stricahq/typhonjs": "^1.2.8" | ||
| } | ||
| } |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.15%
2578954
- Lines of code
- increased by1.86%
2022
Worsened metrics
- Dependency count
- increased by25%
5
Dependency changes
+ Addedblakejs@^1.2.1