@digitalbazaar/ed25519-verification-key-2020
Advanced tools
@digitalbazaar/ed25519-verification-key-2020 - npm Package Compare versions
Comparing version 3.2.0 to 3.3.0
| /*! | ||
| * Copyright (c) 2020 Digital Bazaar, Inc. All rights reserved. | ||
| * Copyright (c) 2020-2022 Digital Bazaar, Inc. All rights reserved. | ||
| */ | ||
| import * as ed25519 from '@stablelib/ed25519'; | ||
| import * as ed25519 from '@noble/ed25519'; | ||
| // browser MUST provide "crypto.getRandomValues" | ||
| const crypto = self && (self.crypto || self.msCrypto); | ||
| const crypto = self.crypto; | ||
| if(!crypto.getRandomValues) { | ||
@@ -13,8 +13,16 @@ throw new Error('Browser does not provide "crypto.getRandomValues".'); | ||
| export default { | ||
| ...ed25519, | ||
| async generateKeyPair() { | ||
| const seed = new Uint8Array(32); | ||
| crypto.getRandomValues(seed); | ||
| return ed25519.generateKeyPairFromSeed(seed); | ||
| const keyPair = await generateKeyPairFromSeed(seed); | ||
| seed.fill(0); | ||
| return keyPair; | ||
| }, | ||
| generateKeyPairFromSeed, | ||
| async sign(secretKey, data) { | ||
| return ed25519.sign(data, secretKey.slice(0, 32)); | ||
| }, | ||
| async verify(publicKey, data, signature) { | ||
| return ed25519.verify(signature, data, publicKey); | ||
| }, | ||
| async sha256digest({data}) { | ||
@@ -24,1 +32,12 @@ return crypto.subtle.digest('SHA-256', data); | ||
| }; | ||
| async function generateKeyPairFromSeed(seed) { | ||
| const publicKey = await ed25519.getPublicKey(seed); | ||
| const secretKey = new Uint8Array(64); | ||
| secretKey.set(seed); | ||
| secretKey.set(publicKey, seed.length); | ||
| return { | ||
| publicKey, | ||
| secretKey | ||
| }; | ||
| } |
| /*! | ||
| * Copyright (c) 2020 Digital Bazaar, Inc. All rights reserved. | ||
| * Copyright (c) 2020-2022 Digital Bazaar, Inc. All rights reserved. | ||
| */ | ||
@@ -4,0 +4,0 @@ import { |
| { | ||
| "name": "@digitalbazaar/ed25519-verification-key-2020", | ||
| "version": "3.2.0", | ||
| "version": "3.3.0", | ||
| "description": "Javascript library for generating and working with Ed25519VerificationKey2020 key pairs, for use with crypto-ld.", | ||
@@ -17,3 +17,3 @@ "homepage": "https://github.com/digitalbazaar/ed25519-verification-key-2020", | ||
| "dependencies": { | ||
| "@stablelib/ed25519": "^1.0.1", | ||
| "@noble/ed25519": "^1.6.0", | ||
| "base58-universal": "^1.0.0", | ||
@@ -20,0 +20,0 @@ "base64url-universal": "^1.1.0", |
New alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Lines of code
- increased by3.03%
612
Worsened metrics
- Total package byte prevSize
- decreased by-2.57%
31806
- Number of package files
- decreased by-11.11%
8
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Added@noble/ed25519@^1.6.0
+ Added@noble/ed25519@1.7.3(transitive)
- Removed@stablelib/ed25519@^1.0.1
- Removed@stablelib/binary@1.0.1(transitive)
- Removed@stablelib/ed25519@1.0.3(transitive)
- Removed@stablelib/hash@1.0.1(transitive)
- Removed@stablelib/int@1.0.1(transitive)
- Removed@stablelib/random@1.0.2(transitive)
- Removed@stablelib/sha512@1.0.1(transitive)
- Removed@stablelib/wipe@1.0.1(transitive)