@metamask/ppom-validator
Advanced tools
@metamask/ppom-validator - npm Package Compare versions
Comparing version 0.11.0 to 0.12.0
@@ -9,2 +9,8 @@ # Changelog | ||
| ## [0.12.0] | ||
| ### Changed | ||
| - Adding to callback to be invoked once ppom intialisation completes ([#98](https://github.com/MetaMask/ppom-validator/pull/98)) | ||
| - PPOM instance should be kept in memory ([#96](https://github.com/MetaMask/ppom-validator/pull/96)) | ||
| - Optimise validate signature ([#95](https://github.com/MetaMask/ppom-validator/pull/95)) | ||
| ## [0.11.0] | ||
@@ -83,3 +89,4 @@ ### Changed | ||
| [Unreleased]: https://github.com/MetaMask/ppom-validator/compare/v0.11.0...HEAD | ||
| [Unreleased]: https://github.com/MetaMask/ppom-validator/compare/v0.12.0...HEAD | ||
| [0.12.0]: https://github.com/MetaMask/ppom-validator/compare/v0.11.0...v0.12.0 | ||
| [0.11.0]: https://github.com/MetaMask/ppom-validator/compare/v0.10.0...v0.11.0 | ||
@@ -86,0 +93,0 @@ [0.10.0]: https://github.com/MetaMask/ppom-validator/compare/v0.9.0...v0.10.0 |
@@ -12,3 +12,3 @@ import { BaseControllerV2, RestrictedControllerMessenger } from '@metamask/base-controller'; | ||
| filePath: string; | ||
| signature: string; | ||
| hashSignature: string; | ||
| }; | ||
@@ -86,5 +86,6 @@ /** | ||
| * @param options.blockaidPublicKey - Public key of blockaid for verifying signatures of data files. | ||
| * @param options.ppomInitialisationCallback - Callback to be invoked as ppom initialisation completes. | ||
| * @returns The PPOMController instance. | ||
| */ | ||
| constructor({ chainId, messenger, onNetworkChange, provider, storageBackend, securityAlertsEnabled, onPreferencesChange, ppomProvider, cdnBaseUrl, providerRequestLimit, dataUpdateDuration, fileFetchScheduleDuration, state, blockaidPublicKey, }: { | ||
| constructor({ chainId, messenger, onNetworkChange, provider, storageBackend, securityAlertsEnabled, onPreferencesChange, ppomProvider, cdnBaseUrl, providerRequestLimit, dataUpdateDuration, fileFetchScheduleDuration, state, blockaidPublicKey, ppomInitialisationCallback, }: { | ||
| chainId: string; | ||
@@ -104,2 +105,3 @@ onNetworkChange: (callback: (networkState: any) => void) => void; | ||
| blockaidPublicKey: string; | ||
| ppomInitialisationCallback?: () => undefined; | ||
| }); | ||
@@ -106,0 +108,0 @@ /** |
@@ -13,3 +13,3 @@ "use strict"; | ||
| }; | ||
| var _PPOMController_instances, _PPOMController_provider, _PPOMController_storage, _PPOMController_refreshDataInterval, _PPOMController_fileScheduleInterval, _PPOMController_ppomMutex, _PPOMController_ppomProvider, _PPOMController_cdnBaseUrl, _PPOMController_providerRequestLimit, _PPOMController_providerRequests, _PPOMController_chainId, _PPOMController_dataUpdateDuration, _PPOMController_fileFetchScheduleDuration, _PPOMController_securityAlertsEnabled, _PPOMController_providerRequestsCount, _PPOMController_blockaidPublicKey, _PPOMController_ppomInitialised, _PPOMController_initialisePPOM, _PPOMController_chainStatusIncludeSupportedNetworks, _PPOMController_networkIsSupported, _PPOMController_clearDataFetchIntervals, _PPOMController_resetToInactiveState, _PPOMController_onNetworkChange, _PPOMController_onPreferenceChange, _PPOMController_registerMessageHandlers, _PPOMController_isDataRequiredForCurrentChain, _PPOMController_updatePPOM, _PPOMController_updateVersionInfo, _PPOMController_checkFilePresentInStorage, _PPOMController_checkFilePath, _PPOMController_getFile, _PPOMController_setChainIdDataFetched, _PPOMController_getNewFilesForCurrentChainIfNeeded, _PPOMController_getListOfFilesToBeFetched, _PPOMController_deleteOldChainIds, _PPOMController_getNewFilesForAllChains, _PPOMController_getAPIResponse, _PPOMController_checkIfVersionInfoETagChanged, _PPOMController_fetchVersionInfo, _PPOMController_fetchBlob, _PPOMController_jsonRpcRequest, _PPOMController_getPPOM, _PPOMController_onDataUpdateDuration, _PPOMController_checkScheduleFileDownloadForAllChains; | ||
| var _PPOMController_instances, _PPOMController_ppom, _PPOMController_ppomInitError, _PPOMController_provider, _PPOMController_storage, _PPOMController_refreshDataInterval, _PPOMController_fileScheduleInterval, _PPOMController_ppomMutex, _PPOMController_ppomProvider, _PPOMController_cdnBaseUrl, _PPOMController_providerRequestLimit, _PPOMController_providerRequests, _PPOMController_chainId, _PPOMController_dataUpdateDuration, _PPOMController_fileFetchScheduleDuration, _PPOMController_securityAlertsEnabled, _PPOMController_providerRequestsCount, _PPOMController_blockaidPublicKey, _PPOMController_ppomInitialised, _PPOMController_ppomInitialisationCallback, _PPOMController_initialisePPOM, _PPOMController_chainStatusIncludeSupportedNetworks, _PPOMController_networkIsSupported, _PPOMController_clearDataFetchIntervals, _PPOMController_resetToInactiveState, _PPOMController_onNetworkChange, _PPOMController_onPreferenceChange, _PPOMController_registerMessageHandlers, _PPOMController_resetPPOM, _PPOMController_reinitPPOM, _PPOMController_reinitPPOMForNetworkIfRequired, _PPOMController_isDataRequiredForCurrentChain, _PPOMController_updatePPOM, _PPOMController_updateVersionInfo, _PPOMController_checkFilePresentInStorage, _PPOMController_checkFilePath, _PPOMController_getFile, _PPOMController_setChainIdDataFetched, _PPOMController_getNewFilesForCurrentChain, _PPOMController_getListOfFilesToBeFetched, _PPOMController_deleteOldChainIds, _PPOMController_getNewFilesForAllChains, _PPOMController_getAPIResponse, _PPOMController_checkIfVersionInfoETagChanged, _PPOMController_fetchVersionInfo, _PPOMController_fetchBlob, _PPOMController_jsonRpcRequest, _PPOMController_getPPOM, _PPOMController_onDataUpdateDuration, _PPOMController_checkScheduleFileDownloadForAllChains; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -94,5 +94,6 @@ exports.PPOMController = exports.NETWORK_CACHE_DURATION = exports.REFRESH_TIME_INTERVAL = void 0; | ||
| * @param options.blockaidPublicKey - Public key of blockaid for verifying signatures of data files. | ||
| * @param options.ppomInitialisationCallback - Callback to be invoked as ppom initialisation completes. | ||
| * @returns The PPOMController instance. | ||
| */ | ||
| constructor({ chainId, messenger, onNetworkChange, provider, storageBackend, securityAlertsEnabled, onPreferencesChange, ppomProvider, cdnBaseUrl, providerRequestLimit, dataUpdateDuration, fileFetchScheduleDuration, state, blockaidPublicKey, }) { | ||
| constructor({ chainId, messenger, onNetworkChange, provider, storageBackend, securityAlertsEnabled, onPreferencesChange, ppomProvider, cdnBaseUrl, providerRequestLimit, dataUpdateDuration, fileFetchScheduleDuration, state, blockaidPublicKey, ppomInitialisationCallback, }) { | ||
| const currentChainId = (0, util_1.addHexPrefix)(chainId); | ||
@@ -118,2 +119,4 @@ const initialState = { | ||
| _PPOMController_instances.add(this); | ||
| _PPOMController_ppom.set(this, void 0); | ||
| _PPOMController_ppomInitError.set(this, void 0); | ||
| _PPOMController_provider.set(this, void 0); | ||
@@ -147,2 +150,3 @@ _PPOMController_storage.set(this, void 0); | ||
| _PPOMController_ppomInitialised.set(this, false); | ||
| _PPOMController_ppomInitialisationCallback.set(this, void 0); | ||
| __classPrivateFieldSet(this, _PPOMController_chainId, currentChainId, "f"); | ||
@@ -171,2 +175,3 @@ __classPrivateFieldSet(this, _PPOMController_provider, provider, "f"); | ||
| __classPrivateFieldSet(this, _PPOMController_blockaidPublicKey, blockaidPublicKey, "f"); | ||
| __classPrivateFieldSet(this, _PPOMController_ppomInitialisationCallback, ppomInitialisationCallback, "f"); | ||
| // add new network to chainStatus list | ||
@@ -211,10 +216,10 @@ onNetworkChange(__classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_onNetworkChange).bind(this)); | ||
| } | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_getNewFilesForCurrentChainIfNeeded).call(this); | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_reinitPPOMForNetworkIfRequired).call(this); | ||
| if (__classPrivateFieldGet(this, _PPOMController_ppomInitError, "f")) { | ||
| throw Error(__classPrivateFieldGet(this, _PPOMController_ppomInitError, "f")); | ||
| } | ||
| __classPrivateFieldSet(this, _PPOMController_providerRequests, 0, "f"); | ||
| __classPrivateFieldSet(this, _PPOMController_providerRequestsCount, {}, "f"); | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_initialisePPOM).call(this); | ||
| return await __classPrivateFieldGet(this, _PPOMController_ppomMutex, "f").use(async () => { | ||
| const ppom = await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_getPPOM).call(this); | ||
| const result = await callback(ppom); | ||
| ppom.free(); | ||
| const result = await callback(__classPrivateFieldGet(this, _PPOMController_ppom, "f")); | ||
| return { | ||
@@ -230,3 +235,3 @@ ...result, | ||
| exports.PPOMController = PPOMController; | ||
| _PPOMController_provider = new WeakMap(), _PPOMController_storage = new WeakMap(), _PPOMController_refreshDataInterval = new WeakMap(), _PPOMController_fileScheduleInterval = new WeakMap(), _PPOMController_ppomMutex = new WeakMap(), _PPOMController_ppomProvider = new WeakMap(), _PPOMController_cdnBaseUrl = new WeakMap(), _PPOMController_providerRequestLimit = new WeakMap(), _PPOMController_providerRequests = new WeakMap(), _PPOMController_chainId = new WeakMap(), _PPOMController_dataUpdateDuration = new WeakMap(), _PPOMController_fileFetchScheduleDuration = new WeakMap(), _PPOMController_securityAlertsEnabled = new WeakMap(), _PPOMController_providerRequestsCount = new WeakMap(), _PPOMController_blockaidPublicKey = new WeakMap(), _PPOMController_ppomInitialised = new WeakMap(), _PPOMController_instances = new WeakSet(), _PPOMController_initialisePPOM = | ||
| _PPOMController_ppom = new WeakMap(), _PPOMController_ppomInitError = new WeakMap(), _PPOMController_provider = new WeakMap(), _PPOMController_storage = new WeakMap(), _PPOMController_refreshDataInterval = new WeakMap(), _PPOMController_fileScheduleInterval = new WeakMap(), _PPOMController_ppomMutex = new WeakMap(), _PPOMController_ppomProvider = new WeakMap(), _PPOMController_cdnBaseUrl = new WeakMap(), _PPOMController_providerRequestLimit = new WeakMap(), _PPOMController_providerRequests = new WeakMap(), _PPOMController_chainId = new WeakMap(), _PPOMController_dataUpdateDuration = new WeakMap(), _PPOMController_fileFetchScheduleDuration = new WeakMap(), _PPOMController_securityAlertsEnabled = new WeakMap(), _PPOMController_providerRequestsCount = new WeakMap(), _PPOMController_blockaidPublicKey = new WeakMap(), _PPOMController_ppomInitialised = new WeakMap(), _PPOMController_ppomInitialisationCallback = new WeakMap(), _PPOMController_instances = new WeakSet(), _PPOMController_initialisePPOM = | ||
| /* | ||
@@ -247,4 +252,9 @@ * Initialise PPOM loading wasm file. | ||
| .catch((error) => { | ||
| console.error('Error in trying to initialize PPOM'); | ||
| console.error('Error in trying to initialize PPOM', error); | ||
| throw error; | ||
| }) | ||
| .finally(() => { | ||
| if (__classPrivateFieldGet(this, _PPOMController_ppomInitialisationCallback, "f")) { | ||
| __classPrivateFieldGet(this, _PPOMController_ppomInitialisationCallback, "f").call(this); | ||
| } | ||
| }); | ||
@@ -264,2 +274,3 @@ } | ||
| }, _PPOMController_resetToInactiveState = function _PPOMController_resetToInactiveState() { | ||
| __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_resetPPOM).call(this); | ||
| __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_clearDataFetchIntervals).call(this); | ||
@@ -288,2 +299,3 @@ this.update((draftState) => { | ||
| const existingNetworkObject = chainStatus[id]; | ||
| const oldChainId = __classPrivateFieldGet(this, _PPOMController_chainId, "f"); | ||
| __classPrivateFieldSet(this, _PPOMController_chainId, id, "f"); | ||
@@ -304,2 +316,12 @@ chainStatus = { | ||
| __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_checkScheduleFileDownloadForAllChains).call(this); | ||
| if (oldChainId !== id) { | ||
| if (chainStatus[id]?.dataFetched) { | ||
| __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_reinitPPOM).call(this).catch(() => { | ||
| console.error('Error in re-init of PPOM'); | ||
| }); | ||
| } | ||
| else { | ||
| __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_resetPPOM).call(this); | ||
| } | ||
| } | ||
| }, _PPOMController_onPreferenceChange = function _PPOMController_onPreferenceChange(preferenceControllerState) { | ||
@@ -322,2 +344,25 @@ const blockaidEnabled = preferenceControllerState.securityAlertsEnabled; | ||
| this.messagingSystem.registerActionHandler(`${controllerName}:updatePPOM`, this.updatePPOM.bind(this)); | ||
| }, _PPOMController_resetPPOM = function _PPOMController_resetPPOM() { | ||
| if (__classPrivateFieldGet(this, _PPOMController_ppom, "f")) { | ||
| __classPrivateFieldGet(this, _PPOMController_ppom, "f").free(); | ||
| __classPrivateFieldSet(this, _PPOMController_ppom, undefined, "f"); | ||
| } | ||
| }, _PPOMController_reinitPPOM = | ||
| /* | ||
| * The function initialises PPOM. | ||
| */ | ||
| async function _PPOMController_reinitPPOM() { | ||
| __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_resetPPOM).call(this); | ||
| __classPrivateFieldSet(this, _PPOMController_ppom, await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_getPPOM).call(this), "f"); | ||
| }, _PPOMController_reinitPPOMForNetworkIfRequired = | ||
| /** | ||
| * Conditionally update the ppom configuration. | ||
| * | ||
| * The function will check if files are required to be downloaded and | ||
| * if needed will re-initialise PPOM passing new network files to it. | ||
| */ | ||
| async function _PPOMController_reinitPPOMForNetworkIfRequired() { | ||
| if (__classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_isDataRequiredForCurrentChain).call(this)) { | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_getNewFilesForCurrentChain).call(this); | ||
| } | ||
| }, _PPOMController_isDataRequiredForCurrentChain = function _PPOMController_isDataRequiredForCurrentChain() { | ||
@@ -375,3 +420,3 @@ const { chainStatus } = this.state; | ||
| const fileData = await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_fetchBlob).call(this, fileUrl); | ||
| await (0, util_1.validateSignature)(fileData, fileVersionInfo.signature, __classPrivateFieldGet(this, _PPOMController_blockaidPublicKey, "f"), fileVersionInfo.filePath); | ||
| await (0, util_1.validateSignature)(fileData, fileVersionInfo.hashSignature, __classPrivateFieldGet(this, _PPOMController_blockaidPublicKey, "f"), fileVersionInfo.filePath); | ||
| await __classPrivateFieldGet(this, _PPOMController_storage, "f").writeFile({ | ||
@@ -405,3 +450,3 @@ data: fileData, | ||
| } | ||
| }, _PPOMController_getNewFilesForCurrentChainIfNeeded = | ||
| }, _PPOMController_getNewFilesForCurrentChain = | ||
| /* | ||
@@ -412,13 +457,13 @@ * Fetches new files for current network and save them to storage. | ||
| */ | ||
| async function _PPOMController_getNewFilesForCurrentChainIfNeeded() { | ||
| if (!__classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_isDataRequiredForCurrentChain).call(this)) { | ||
| return; | ||
| } | ||
| const versionInfoForCurrentChain = this.state.versionInfo.filter(({ chainId }) => chainId === __classPrivateFieldGet(this, _PPOMController_chainId, "f")); | ||
| await Promise.all(versionInfoForCurrentChain.map(async (fileVersionInfo) => { | ||
| async function _PPOMController_getNewFilesForCurrentChain() { | ||
| for (const fileVersionInfo of this.state.versionInfo) { | ||
| if (fileVersionInfo.chainId !== __classPrivateFieldGet(this, _PPOMController_chainId, "f")) { | ||
| continue; | ||
| } | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_getFile).call(this, fileVersionInfo).catch((exp) => { | ||
| console.error(`Error in getting file ${fileVersionInfo.filePath}: ${exp.message}`); | ||
| }); | ||
| })); | ||
| } | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_setChainIdDataFetched).call(this, __classPrivateFieldGet(this, _PPOMController_chainId, "f")); | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_reinitPPOM).call(this); | ||
| }, _PPOMController_getListOfFilesToBeFetched = | ||
@@ -511,2 +556,5 @@ /* | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_setChainIdDataFetched).call(this, fileVersionInfo.chainId); | ||
| if (fileVersionInfo.chainId === __classPrivateFieldGet(this, _PPOMController_chainId, "f")) { | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_reinitPPOM).call(this); | ||
| } | ||
| } | ||
@@ -623,6 +671,10 @@ }) | ||
| // thus it is added here to prevent validation from failing. | ||
| // eslint-disable-next-line @typescript-eslint/no-floating-promises | ||
| await __classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_initialisePPOM).call(this); | ||
| __classPrivateFieldSet(this, _PPOMController_ppomInitError, undefined, "f"); | ||
| const { chainStatus } = this.state; | ||
| const chainInfo = chainStatus[__classPrivateFieldGet(this, _PPOMController_chainId, "f")]; | ||
| if (!chainInfo?.versionInfo?.length) { | ||
| throw new Error(`Aborting validation as no files are found for the network with chainId: ${__classPrivateFieldGet(this, _PPOMController_chainId, "f")}`); | ||
| __classPrivateFieldSet(this, _PPOMController_ppomInitError, `Aborting validation as no files are found for the network with chainId: ${__classPrivateFieldGet(this, _PPOMController_chainId, "f")}`, "f"); | ||
| return undefined; | ||
| } | ||
@@ -656,6 +708,9 @@ // Get all the files for the chainId | ||
| if (files.length !== chainInfo?.versionInfo?.length) { | ||
| throw new Error(`Aborting validation as not all files could not be downloaded for the network with chainId: ${__classPrivateFieldGet(this, _PPOMController_chainId, "f")}`); | ||
| __classPrivateFieldSet(this, _PPOMController_ppomInitError, `Aborting validation as not all files could not be downloaded for the network with chainId: ${__classPrivateFieldGet(this, _PPOMController_chainId, "f")}`, "f"); | ||
| return undefined; | ||
| } | ||
| const { PPOM } = __classPrivateFieldGet(this, _PPOMController_ppomProvider, "f"); | ||
| return PPOM.new(__classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_jsonRpcRequest).bind(this), files); | ||
| return await __classPrivateFieldGet(this, _PPOMController_ppomMutex, "f").use(async () => { | ||
| const { PPOM } = __classPrivateFieldGet(this, _PPOMController_ppomProvider, "f"); | ||
| return PPOM.new(__classPrivateFieldGet(this, _PPOMController_instances, "m", _PPOMController_jsonRpcRequest).bind(this), files); | ||
| }); | ||
| }, _PPOMController_onDataUpdateDuration = function _PPOMController_onDataUpdateDuration() { | ||
@@ -662,0 +717,0 @@ this.updatePPOM().catch((exp) => { |
@@ -26,4 +26,4 @@ export declare const IdGenerator: () => number; | ||
| }; | ||
| export declare const validateSignature: (data: any, signature: string, key: string, filePath: string) => Promise<void>; | ||
| export declare const validateSignature: (data: ArrayBuffer, hashSignature: string, key: string, filePath: string, useNative?: boolean) => Promise<void>; | ||
| export declare const constructURLHref: (base: string, path: string) => string; | ||
| export declare const addHexPrefix: (str: string) => string; |
| "use strict"; | ||
| var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| var desc = Object.getOwnPropertyDescriptor(m, k); | ||
| if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { | ||
| desc = { enumerable: true, get: function() { return m[k]; } }; | ||
| } | ||
| Object.defineProperty(o, k2, desc); | ||
| }) : (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| o[k2] = m[k]; | ||
| })); | ||
| var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { | ||
| Object.defineProperty(o, "default", { enumerable: true, value: v }); | ||
| }) : function(o, v) { | ||
| o["default"] = v; | ||
| }); | ||
| var __importStar = (this && this.__importStar) || function (mod) { | ||
| if (mod && mod.__esModule) return mod; | ||
| var result = {}; | ||
| if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); | ||
| __setModuleDefault(result, mod); | ||
| return result; | ||
| }; | ||
| var __importDefault = (this && this.__importDefault) || function (mod) { | ||
@@ -7,2 +30,3 @@ return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
| exports.addHexPrefix = exports.constructURLHref = exports.validateSignature = exports.PROVIDER_ERRORS = exports.createPayload = exports.IdGenerator = void 0; | ||
| const crypto_js_1 = __importStar(require("crypto-js")); | ||
| const elliptic_1 = __importDefault(require("elliptic")); | ||
@@ -38,7 +62,26 @@ const json_rpc_random_id_1 = __importDefault(require("json-rpc-random-id")); | ||
| }; | ||
| const validateSignature = async (data, signature, key, filePath) => { | ||
| const getHash = async (data, useNative) => { | ||
| if ('crypto' in globalThis && | ||
| typeof globalThis.crypto === 'object' && | ||
| globalThis.crypto.subtle?.digest && | ||
| useNative) { | ||
| const hashBuffer = await globalThis.crypto.subtle.digest('SHA-256', data); | ||
| const hashArray = Array.from(new Uint8Array(hashBuffer)); | ||
| const hash = hashArray | ||
| .map((item) => item.toString(16).padStart(2, '0')) | ||
| .join(''); | ||
| return hash; | ||
| } | ||
| return (0, crypto_js_1.SHA256)(crypto_js_1.default.lib.WordArray.create(data)).toString(); | ||
| }; | ||
| // useNative argument is added for testing purpose, without it test cases are breaking in Node-20 and above | ||
| // Reason being that in node 20 crypto is always present in globalThis | ||
| // and it is not possible to reset it due to security reasons | ||
| const validateSignature = async (data, hashSignature, key, filePath, useNative = true) => { | ||
| const hashString = await getHash(data, useNative); | ||
| // const hashString = hash.toString(); | ||
| const ec = new EdDSA('ed25519'); | ||
| const ecKey = ec.keyFromPublic(key); | ||
| // eslint-disable-next-line no-restricted-globals | ||
| const result = ecKey.verify(Buffer.from(data), signature); | ||
| const result = ecKey.verify(Buffer.from(hashString), hashSignature); | ||
| if (!result) { | ||
@@ -45,0 +88,0 @@ throw Error(`Signature verification failed for file path: ${filePath}`); |
| { | ||
| "name": "@metamask/ppom-validator", | ||
| "version": "0.11.0", | ||
| "version": "0.12.0", | ||
| "description": "This module has code to integrate Blockaid PPOM with MetaMask", | ||
@@ -37,2 +37,3 @@ "homepage": "https://github.com/MetaMask/ppom-validator#readme", | ||
| "await-semaphore": "^0.1.3", | ||
| "crypto-js": "^4.2.0", | ||
| "elliptic": "^6.5.4", | ||
@@ -49,2 +50,3 @@ "json-rpc-random-id": "^1.0.1" | ||
| "@metamask/eslint-config-typescript": "^11.0.0", | ||
| "@types/crypto-js": "^4.2.1", | ||
| "@types/elliptic": "^6.4.14", | ||
@@ -51,0 +53,0 @@ "@types/jest": "^28.1.6", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by8.2%
145782
- Lines of code
- increased by8.98%
1238
Worsened metrics
- Dependency count
- increased by20%
6
- Dev dependency count
- increased by3.33%
31
Dependency changes
+ Addedcrypto-js@^4.2.0
+ Addedcrypto-js@4.2.0(transitive)