From b28e647fb1ca0650c962910b2b2342be5907eee7 Mon Sep 17 00:00:00 2001 From: Pierre Troger Date: Tue, 3 Dec 2024 11:47:33 +0100 Subject: [PATCH] re-generated sdk, removed logs --- .../data-store/__test__/unit/client.spec.ts | 1 - .../src/lib/http/client/auth/api.ts | 164 +++++++++++++++--- .../src/lib/http/client/vault/api.ts | 74 +++++++- .../src/lib/__test__/unit/sign.spec.ts | 19 +- .../src/lib/__test__/unit/util.spec.ts | 15 +- .../src/lib/__test__/unit/verify.spec.ts | 7 +- packages/signature/src/lib/schemas.ts | 21 ++- packages/signature/src/lib/sign.ts | 16 +- packages/signature/src/lib/types.ts | 26 ++- packages/signature/src/lib/utils.ts | 27 +-- packages/signature/src/lib/verify.ts | 32 ++-- 11 files changed, 302 insertions(+), 100 deletions(-) diff --git a/packages/armory-sdk/src/lib/data-store/__test__/unit/client.spec.ts b/packages/armory-sdk/src/lib/data-store/__test__/unit/client.spec.ts index 1f409e4fc..7ec0ac995 100644 --- a/packages/armory-sdk/src/lib/data-store/__test__/unit/client.spec.ts +++ b/packages/armory-sdk/src/lib/data-store/__test__/unit/client.spec.ts @@ -19,7 +19,6 @@ describe('SDK Compression Interceptors', () => { expect(result.headers['Content-Encoding']).toBe('gzip') - console.log('data', result) const decompressed = await gunzip(result.data) expect(JSON.parse(decompressed.toString())).toEqual({ test: 'data' }) }) diff --git a/packages/armory-sdk/src/lib/http/client/auth/api.ts b/packages/armory-sdk/src/lib/http/client/auth/api.ts index 5a0449af9..b85de5a12 100644 --- a/packages/armory-sdk/src/lib/http/client/auth/api.ts +++ b/packages/armory-sdk/src/lib/http/client/auth/api.ts 
@@ -1155,20 +1155,23 @@ export interface CreateClientRequestDtoDataStoreEntityKeysInner { export const CreateClientRequestDtoDataStoreEntityKeysInnerKtyEnum = { Ec: 'EC', - Rsa: 'RSA' + Rsa: 'RSA', + Okp: 'OKP' } as const; export type CreateClientRequestDtoDataStoreEntityKeysInnerKtyEnum = typeof CreateClientRequestDtoDataStoreEntityKeysInnerKtyEnum[keyof typeof CreateClientRequestDtoDataStoreEntityKeysInnerKtyEnum]; export const CreateClientRequestDtoDataStoreEntityKeysInnerCrvEnum = { Secp256k1: 'secp256k1', - P256: 'P-256' + P256: 'P-256', + Ed25519: 'Ed25519' } as const; export type CreateClientRequestDtoDataStoreEntityKeysInnerCrvEnum = typeof CreateClientRequestDtoDataStoreEntityKeysInnerCrvEnum[keyof typeof CreateClientRequestDtoDataStoreEntityKeysInnerCrvEnum]; export const CreateClientRequestDtoDataStoreEntityKeysInnerAlgEnum = { Es256K: 'ES256K', Es256: 'ES256', - Rs256: 'RS256' + Rs256: 'RS256', + Eddsa: 'EDDSA' } as const; export type CreateClientRequestDtoDataStoreEntityKeysInnerAlgEnum = typeof CreateClientRequestDtoDataStoreEntityKeysInnerAlgEnum[keyof typeof CreateClientRequestDtoDataStoreEntityKeysInnerAlgEnum]; 
@@ -1319,7 +1322,7 @@ export interface CreateClientResponseDtoPolicyEngineNodesInner { * @type CreateClientResponseDtoPolicyEngineNodesInnerPublicKey * @export */ -export type CreateClientResponseDtoPolicyEngineNodesInnerPublicKey = CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf | CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf1 | CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf2 | CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf3; +export type CreateClientResponseDtoPolicyEngineNodesInnerPublicKey = CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf | CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf1 | CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf2 | CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf3 | CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4; /** * 
@@ -1610,6 +1613,78 @@ export const CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf3UseEnum export type CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf3UseEnum = typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf3UseEnum[keyof typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf3UseEnum]; +/** + * + * @export + * @interface CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 + */ +export interface CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 { + /** + * + * @type {string} + * @memberof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 + */ + 'kty': CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4KtyEnum; + /** + * + * @type {string} + * @memberof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 + */ + 'alg': CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4AlgEnum; + /** + * + * @type {string} + * @memberof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 + */ + 'use'?: CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4UseEnum; + /** + * + * @type {string} + * @memberof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 + */ + 'kid': string; + /** + * + * @type {string} + * @memberof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 + */ + 'addr'?: string; + /** + * + * @type {string} + * @memberof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 + */ + 'crv': CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4CrvEnum; + /** + * + * @type {string} + * @memberof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4 + */ + 'x': string; +} + +export const CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4KtyEnum = { + Okp: 'OKP' +} as const; + +export type CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4KtyEnum = typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4KtyEnum[keyof typeof 
CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4KtyEnum]; +export const CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4AlgEnum = { + Eddsa: 'EDDSA' +} as const; + +export type CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4AlgEnum = typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4AlgEnum[keyof typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4AlgEnum]; +export const CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4UseEnum = { + Sig: 'sig', + Enc: 'enc' +} as const; + +export type CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4UseEnum = typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4UseEnum[keyof typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4UseEnum]; +export const CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4CrvEnum = { + Ed25519: 'Ed25519' +} as const; + +export type CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4CrvEnum = typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4CrvEnum[keyof typeof CreateClientResponseDtoPolicyEngineNodesInnerPublicKeyOneOf4CrvEnum]; + /** * * @export @@ -2840,7 +2915,8 @@ export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf28CriterionEnum = typ export const PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf28ArgsEnum = { Es256K: 'ES256K', Es256: 'ES256', - Rs256: 'RS256' + Rs256: 'RS256', + Eddsa: 'EDDSA' } as const; export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf28ArgsEnum = typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf28ArgsEnum[keyof typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf28ArgsEnum]; 
@@ -3371,7 +3447,8 @@ export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf38ArgsInnerTypeEnum = export const PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf38ArgsInnerAlgorithmEnum = { Es256K: 'ES256K', Es256: 'ES256', - Rs256: 'RS256' + Rs256: 'RS256', + Eddsa: 'EDDSA' } as const; export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf38ArgsInnerAlgorithmEnum = typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf38ArgsInnerAlgorithmEnum[keyof typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf38ArgsInnerAlgorithmEnum]; 
@@ -3748,57 +3825,94 @@ export interface PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsFilters { */ 'accountGroups'?: Array; } +/** + * @type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow + * @export + */ +export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow = PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf | PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1; + /** * * @export - * @interface PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow + * @interface PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf */ -export interface PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow { +export interface PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf { /** * * @type {string} - * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow + * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf */ - 'type'?: PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowTypeEnum; + 'type': PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfTypeEnum; /** * * @type {string} - * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow - */ - 'period'?: PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowPeriodEnum; - /** - * - * @type {number} - * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow + * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf */ - 'value'?: number; + 'period': PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfPeriodEnum; /** * * @type {number} - * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow + * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf */ 'startDate'?: number; /** * * @type {number} - * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindow + * @memberof 
PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf */ 'endDate'?: number; } -export const PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowTypeEnum = { - Rolling: 'rolling', +export const PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfTypeEnum = { Fixed: 'fixed' } as const; -export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowTypeEnum = typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowTypeEnum[keyof typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowTypeEnum]; -export const PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowPeriodEnum = { +export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfTypeEnum = typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfTypeEnum[keyof typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfTypeEnum]; +export const PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfPeriodEnum = { _1d: '1d', _1m: '1m', _1y: '1y' } as const; -export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowPeriodEnum = typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowPeriodEnum[keyof typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowPeriodEnum]; +export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfPeriodEnum = typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfPeriodEnum[keyof typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOfPeriodEnum]; + +/** + * + * @export + * @interface PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1 + */ +export interface PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1 { + /** + * + * @type {string} + * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1 + */ + 'type': 
PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1TypeEnum; + /** + * + * @type {number} + * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1 + */ + 'value': number; + /** + * + * @type {number} + * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1 + */ + 'startDate'?: number; + /** + * + * @type {number} + * @memberof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1 + */ + 'endDate'?: number; +} + +export const PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1TypeEnum = { + Rolling: 'rolling' +} as const; + +export type PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1TypeEnum = typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1TypeEnum[keyof typeof PolicyDataStoreDtoPolicyDataInnerWhenInnerOneOf43ArgsTimeWindowOneOf1TypeEnum]; /** * diff --git a/packages/armory-sdk/src/lib/http/client/vault/api.ts b/packages/armory-sdk/src/lib/http/client/vault/api.ts index a6893580c..56fa6c980 100644 --- a/packages/armory-sdk/src/lib/http/client/vault/api.ts +++ b/packages/armory-sdk/src/lib/http/client/vault/api.ts @@ -217,7 +217,7 @@ export interface CreateClientDto { * @type CreateClientDtoEngineJwk * @export */ -export type CreateClientDtoEngineJwk = CreateClientDtoEngineJwkOneOf | CreateClientDtoEngineJwkOneOf1 | CreateClientDtoEngineJwkOneOf2 | EncryptionKeyDtoPublicKey; +export type CreateClientDtoEngineJwk = CreateClientDtoEngineJwkOneOf | CreateClientDtoEngineJwkOneOf1 | CreateClientDtoEngineJwkOneOf2 | CreateClientDtoEngineJwkOneOf3 | EncryptionKeyDtoPublicKey; /** * 
@@ -441,6 +441,78 @@ export const CreateClientDtoEngineJwkOneOf2UseEnum = { export type CreateClientDtoEngineJwkOneOf2UseEnum = typeof CreateClientDtoEngineJwkOneOf2UseEnum[keyof typeof CreateClientDtoEngineJwkOneOf2UseEnum]; +/** + * + * @export + * @interface CreateClientDtoEngineJwkOneOf3 + */ +export interface CreateClientDtoEngineJwkOneOf3 { + /** + * + * @type {string} + * @memberof CreateClientDtoEngineJwkOneOf3 + */ + 'kty': CreateClientDtoEngineJwkOneOf3KtyEnum; + /** + * + * @type {string} + * @memberof CreateClientDtoEngineJwkOneOf3 + */ + 'alg': CreateClientDtoEngineJwkOneOf3AlgEnum; + /** + * + * @type {string} + * @memberof CreateClientDtoEngineJwkOneOf3 + */ + 'use'?: CreateClientDtoEngineJwkOneOf3UseEnum; + /** + * + * @type {string} + * @memberof CreateClientDtoEngineJwkOneOf3 + */ + 'kid': string; + /** + * + * @type {string} + * @memberof CreateClientDtoEngineJwkOneOf3 + */ + 'addr'?: string; + /** + * + * @type {string} + * @memberof CreateClientDtoEngineJwkOneOf3 + */ + 'crv': CreateClientDtoEngineJwkOneOf3CrvEnum; + /** + * + * @type {string} + * @memberof CreateClientDtoEngineJwkOneOf3 + */ + 'x': string; +} + +export const CreateClientDtoEngineJwkOneOf3KtyEnum = { + Okp: 'OKP' +} as const; + +export type CreateClientDtoEngineJwkOneOf3KtyEnum = typeof CreateClientDtoEngineJwkOneOf3KtyEnum[keyof typeof CreateClientDtoEngineJwkOneOf3KtyEnum]; +export const CreateClientDtoEngineJwkOneOf3AlgEnum = { + Eddsa: 'EDDSA' +} as const; + +export type CreateClientDtoEngineJwkOneOf3AlgEnum = typeof CreateClientDtoEngineJwkOneOf3AlgEnum[keyof typeof CreateClientDtoEngineJwkOneOf3AlgEnum]; +export const CreateClientDtoEngineJwkOneOf3UseEnum = { + Sig: 'sig', + Enc: 'enc' +} as const; + +export type CreateClientDtoEngineJwkOneOf3UseEnum = typeof CreateClientDtoEngineJwkOneOf3UseEnum[keyof typeof CreateClientDtoEngineJwkOneOf3UseEnum]; +export const CreateClientDtoEngineJwkOneOf3CrvEnum = { + Ed25519: 'Ed25519' +} as const; + +export type 
CreateClientDtoEngineJwkOneOf3CrvEnum = typeof CreateClientDtoEngineJwkOneOf3CrvEnum[keyof typeof CreateClientDtoEngineJwkOneOf3CrvEnum]; + /** * * @export diff --git a/packages/signature/src/lib/__test__/unit/sign.spec.ts b/packages/signature/src/lib/__test__/unit/sign.spec.ts index 8018a0f9a..2da0fb1f3 100644 --- a/packages/signature/src/lib/__test__/unit/sign.spec.ts +++ b/packages/signature/src/lib/__test__/unit/sign.spec.ts @@ -1,28 +1,35 @@ import { secp256k1 } from '@noble/curves/secp256k1' import { sha256 as sha256Hash } from '@noble/hashes/sha256' +import { toBytes } from '@noble/hashes/utils' import { exportJWK, importPKCS8 } from 'jose' import { createPublicKey } from 'node:crypto' -import { hexToBytes, toHex, verifyMessage } from 'viem' +import { toHex, verifyMessage } from 'viem' import { privateKeyToAccount, signMessage } from 'viem/accounts' -import { buildSignerEdDSA, buildSignerEip191, buildSignerEs256k, signJwt, signSecp256k1, signatureToHex } from '../../sign' +import { + buildSignerEdDSA, + buildSignerEip191, + buildSignerEs256k, + signJwt, + signSecp256k1, + signatureToHex +} from '../../sign' import { Alg, Curves, Jwk, KeyTypes, Payload, PrivateKey, SigningAlg } from '../../types' import { base64UrlToBytes, base64UrlToHex, + ed25519polyfilled as ed, ellipticPrivateKeyToHex, ellipticPublicKeyToHex, generateJwk, hexToBase64Url, privateKeyToHex, - secp256k1PrivateKeyToJwk, - secp256k1PublicKeyToJwk, - ed25519polyfilled as ed, privateKeyToJwk, publicKeyToHex, + secp256k1PrivateKeyToJwk, + secp256k1PublicKeyToJwk } from '../../utils' import { verifyJwt } from '../../verify' import { HEADER_PART, PAYLOAD_PART, PRIVATE_KEY_PEM } from './mock' -import { toBytes } from '@noble/hashes/utils' describe('sign', () => { const UNSAFE_PRIVATE_KEY = '7cfef3303797cbc7515d9ce22ffe849c701b0f2812f999b0847229c47951fca5' 
diff --git a/packages/signature/src/lib/__test__/unit/util.spec.ts b/packages/signature/src/lib/__test__/unit/util.spec.ts index 8f9346691..792bc9a60 100644 --- a/packages/signature/src/lib/__test__/unit/util.spec.ts +++ b/packages/signature/src/lib/__test__/unit/util.spec.ts @@ -1,6 +1,11 @@ import { toHex } from 'viem' import { hash } from '../../hash' -import { p256PrivateKeySchema, rsaPrivateKeySchema, secp256k1PrivateKeySchema, ed25519PrivateKeySchema } from '../../schemas' +import { + ed25519PrivateKeySchema, + p256PrivateKeySchema, + rsaPrivateKeySchema, + secp256k1PrivateKeySchema +} from '../../schemas' import { buildSignerEip191, signJwt } from '../../sign' import { Alg, @@ -13,6 +18,7 @@ import { secp256k1PublicKeySchema } from '../../types' import { + ed25519polyfilled, ellipticPrivateKeyToHex, generateJwk, privateKeyToHex, @@ -20,8 +26,7 @@ import { publicKeyToHex, publicKeyToJwk, requestWithoutWildcardFields, - rsaPrivateKeyToPublicKey, - ed25519polyfilled + rsaPrivateKeyToPublicKey } from '../../utils' import { validateJwk } from '../../validate' import { verifyJwt } from '../../verify' @@ -206,7 +211,7 @@ describe('publicKeyToJwk', () => { it('converts a valid EDDSA hex public key to JWK', async () => { const jwk = publicKeyToJwk(eddsaHexPublicKey, Alg.EDDSA) - const { d, ...eddsaPublicKey } = eddsaKey + const { d: _d, ...eddsaPublicKey } = eddsaKey expect(jwk).toEqual(eddsaPublicKey) }) @@ -215,7 +220,7 @@ describe('publicKeyToJwk', () => { const publicKey = ed25519polyfilled.sync.getPublicKey(key) const asyncPublicKey = await ed25519polyfilled.getPublicKey(key) - const publicHexKey = (await publicKeyToHex(privateKeyToJwk(toHex(key), Alg.EDDSA))) + const publicHexKey = await publicKeyToHex(privateKeyToJwk(toHex(key), Alg.EDDSA)) expect(publicHexKey).toEqual(toHex(publicKey)) expect(publicHexKey).toEqual(toHex(asyncPublicKey)) 
diff --git a/packages/signature/src/lib/__test__/unit/verify.spec.ts b/packages/signature/src/lib/__test__/unit/verify.spec.ts index 1eb94e228..0ecb1052e 100644 --- a/packages/signature/src/lib/__test__/unit/verify.spec.ts +++ b/packages/signature/src/lib/__test__/unit/verify.spec.ts @@ -1,10 +1,11 @@ +import * as ed from '@noble/ed25519' import { signatureToHex, toBytes, toHex } from 'viem' import { JwtError } from '../../error' import { hash } from '../../hash' import { secp256k1PublicKeySchema } from '../../schemas' import { signJwt, signSecp256k1 } from '../../sign' import { Alg, Header, JwtVerifyOptions, Payload, Secp256k1PublicKey, SigningAlg } from '../../types' -import { generateJwk, nowSeconds, privateKeyToHex, privateKeyToJwk, secp256k1PrivateKeyToJwk, base64UrlToBytes, publicKeyToHex, publicKeyToJwk } from '../../utils'; +import { generateJwk, nowSeconds, privateKeyToJwk, publicKeyToJwk, secp256k1PrivateKeyToJwk } from '../../utils' import { validateJwk } from '../../validate' import { checkAccess, @@ -23,7 +24,6 @@ import { verifyJwtHeader, verifySecp256k1 } from '../../verify' -import * as ed from '@noble/ed25519' const ENGINE_PRIVATE_KEY = '7cfef3303797cbc7515d9ce22ffe849c701b0f2812f999b0847229c47951fca5' @@ -212,9 +212,6 @@ describe('verifyEd215519', () => { const pubKey = await ed.getPublicKey(key) const jwk = publicKeyToJwk(toHex(pubKey), Alg.EDDSA) - console.log({ - jwk - }) const signature = await ed.sign(msg, key) const isVerified = await ed.verify(signature, msg, pubKey) diff --git a/packages/signature/src/lib/schemas.ts b/packages/signature/src/lib/schemas.ts index 55b7accb2..7ee896cd7 100644 --- a/packages/signature/src/lib/schemas.ts +++ b/packages/signature/src/lib/schemas.ts 
@@ -20,18 +20,17 @@ export const jwkEoaSchema = z.object({ addr: addressSchema }) - // EdDSA Base and PublicKey Schema export const ed25519PublicKeySchema = jwkBaseSchema.extend({ kty: z.literal(KeyTypes.OKP), crv: z.literal(Curves.ED25519), alg: z.literal(Alg.EDDSA), - x: z.string() // Ed25519 public key, no y coordinate + x: z.string() // Ed25519 public key, no y coordinate }) // EdDSA Private Key Schema export const ed25519PrivateKeySchema = ed25519PublicKeySchema.extend({ - d: z.string(), // Ed25519 private key + d: z.string(), // Ed25519 private key x: z.string().optional() }) @@ -94,8 +93,12 @@ export const publicKeySchema = z.union([ ed25519PublicKeySchema ]) - -export const privateKeySchema = z.union([secp256k1PrivateKeySchema, p256PrivateKeySchema, rsaPrivateKeySchema, ed25519PrivateKeySchema]) +export const privateKeySchema = z.union([ + secp256k1PrivateKeySchema, + p256PrivateKeySchema, + rsaPrivateKeySchema, + ed25519PrivateKeySchema +]) export const ed25519KeySchema = z.union([ed25519PublicKeySchema, ed25519PrivateKeySchema]) @@ -131,7 +134,13 @@ export const jwkSchema = dynamicKeySchema.extend({ export const Header = z.intersection( z.record(z.string(), z.unknown()), z.object({ - alg: z.union([z.literal('ES256K'), z.literal('ES256'), z.literal('RS256'), z.literal('EIP191'), z.literal('EDDSA')]), + alg: z.union([ + z.literal('ES256K'), + z.literal('ES256'), + z.literal('RS256'), + z.literal('EIP191'), + z.literal('EDDSA') + ]), kid: z.string().min(1).describe('The key ID to identify the signing key.'), typ: z .union([z.literal('JWT'), z.literal('gnap-binding-jwsd')]) diff --git a/packages/signature/src/lib/sign.ts b/packages/signature/src/lib/sign.ts index cb529b164..8e14c3740 100644 --- a/packages/signature/src/lib/sign.ts +++ b/packages/signature/src/lib/sign.ts 
@@ -8,10 +8,9 @@ import { JwtError } from './error' import { hash } from './hash' import { canonicalize } from './json.util' import { jwkBaseSchema, privateKeySchema } from './schemas' -import { Alg, EcdsaSignature, Header, Hex, Jwk, JwsdHeader, PartialJwk, Payload, PrivateKey, PublicKey, publicKeySchema, SigningAlg } from './types' -import { hexToBase64Url, privateKeyToHex, stringToBase64Url } from './utils' +import { Alg, EcdsaSignature, Header, Hex, Jwk, JwsdHeader, PartialJwk, Payload, PrivateKey, SigningAlg } from './types' +import { ed25519polyfilled as ed25519, hexToBase64Url, privateKeyToHex, stringToBase64Url } from './utils' import { validateJwk } from './validate' -import { ed25519polyfilled as ed25519 } from './utils' const SigningAlgToKey = { [SigningAlg.EIP191]: Alg.ES256K, @@ -223,17 +222,16 @@ export const buildSignerEip191 = return hexToBase64Url(hexSignature) } - export const signEd25519 = async (message: Uint8Array, privateKey: Hex | string): Promise => { - const pk = isHex(privateKey) ? privateKey.slice(2) : privateKey - const signature = await ed25519.sign(message, pk) +export const signEd25519 = async (message: Uint8Array, privateKey: Hex | string): Promise => { + const pk = isHex(privateKey) ? privateKey.slice(2) : privateKey + const signature = await ed25519.sign(message, pk) - return signature + return signature } - export const buildSignerEdDSA = +export const buildSignerEdDSA = (privateKey: Hex | string) => async (messageToSign: string): Promise => { - const signature = await signEd25519(toBytes(messageToSign), privateKey) return hexToBase64Url(toHex(signature)) } diff --git a/packages/signature/src/lib/types.ts b/packages/signature/src/lib/types.ts index d1f9b4fb8..02ab01d34 100644 --- a/packages/signature/src/lib/types.ts +++ b/packages/signature/src/lib/types.ts 
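Review bot: `buildSignerEdDSA` in the `@@ -223,17 +222,16 @@` hunk of sign.ts encodes the message with `toBytes(messageToSign)`, but the import that supplies `toBytes` to this file is outside the visible hunks, while verify.ts in this patch takes it from `@noble/hashes/utils`. If sign.ts uses viem's `toBytes` instead, a message that is itself a `0x`-prefixed hex string would be decoded as hex when signing and as UTF-8 when verifying, so a valid signature would fail to verify. Confirm both files use the same encoder; if they do not, import it as verify.ts does, `import { toBytes } from '@noble/hashes/utils'`, provided no other call in sign.ts depends on the viem behaviour. A one-line comment above `signEd25519` stating which key forms are accepted (`0x`-prefixed or bare hex) would also help callers.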
@@ -4,7 +4,7 @@ import { addressSchema } from './address.schema' export const KeyTypes = { EC: 'EC', RSA: 'RSA', - OKP: 'OKP', // Octet Key Pair for EdDSA + OKP: 'OKP' // Octet Key Pair for EdDSA } as const export type KeyTypes = (typeof KeyTypes)[keyof typeof KeyTypes] @@ -69,23 +69,20 @@ export const ecBaseSchema = jwkBaseSchema.extend({ y: z.string() }) - - // EdDSA Base and PublicKey Schema export const ed25519PublicKeySchema = jwkBaseSchema.extend({ kty: z.literal(KeyTypes.OKP), crv: z.literal(Curves.ED25519), alg: z.literal(Alg.EDDSA), - x: z.string() // Ed25519 public key, no y coordinate + x: z.string() // Ed25519 public key, no y coordinate }) // EdDSA Private Key Schema export const ed25519PrivateKeySchema = ed25519PublicKeySchema.extend({ - d: z.string(), // Ed25519 private key + d: z.string(), // Ed25519 private key x: z.string().optional() }) - // RSA Base Schema export const rsaBaseSchema = jwkBaseSchema.extend({ kty: z.literal(KeyTypes.RSA), @@ -137,7 +134,12 @@ export const publicKeySchema = z.union([ ed25519PublicKeySchema ]) -export const privateKeySchema = z.union([secp256k1PrivateKeySchema, p256PrivateKeySchema, rsaPrivateKeySchema, ed25519PrivateKeySchema]) +export const privateKeySchema = z.union([ + secp256k1PrivateKeySchema, + p256PrivateKeySchema, + rsaPrivateKeySchema, + ed25519PrivateKeySchema +]) export const secp256k1KeySchema = z.union([secp256k1PublicKeySchema, secp256k1PrivateKeySchema]) @@ -173,7 +175,13 @@ export const jwkSchema = dynamicKeySchema.extend({ export const Header = z.intersection( z.record(z.string(), z.unknown()), z.object({ - alg: z.union([z.literal('ES256K'), z.literal('ES256'), z.literal('RS256'), z.literal('EIP191'), z.literal('EDDSA')]), + alg: z.union([ + z.literal('ES256K'), + z.literal('ES256'), + z.literal('RS256'), + z.literal('EIP191'), + z.literal('EDDSA') + ]), kid: z.string().min(1).describe('The key ID to identify the signing key.'), typ: z .union([z.literal('JWT'), z.literal('gnap-binding-jwsd')]) 
@@ -200,7 +208,7 @@ export const Header = z.intersection( export type Header = z.infer export const JwsdHeader = z.object({ - alg: z.union([z.literal('ES256K'), z.literal('ES256'), z.literal('RS256'), z.literal('EIP191')]), + alg: z.union([z.literal('ES256K'), z.literal('ES256'), z.literal('RS256'), z.literal('EIP191'), z.literal('EDDSA')]), kid: z.string().min(1).describe('The key ID to identify the signing key.'), typ: z .literal('gnap-binding-jwsd') diff --git a/packages/signature/src/lib/utils.ts b/packages/signature/src/lib/utils.ts index e482ba21a..744207776 100644 --- a/packages/signature/src/lib/utils.ts +++ b/packages/signature/src/lib/utils.ts @@ -2,18 +2,27 @@ import { p256 } from '@noble/curves/p256' import { secp256k1 } from '@noble/curves/secp256k1' import * as ed25519 from '@noble/ed25519' import { sha256 as sha256Hash } from '@noble/hashes/sha256' +import { sha512 } from '@noble/hashes/sha512' import { subtle } from 'crypto' import { exportJWK, generateKeyPair } from 'jose' import { cloneDeep, omit } from 'lodash' import { toHex } from 'viem' import { publicKeyToAddress } from 'viem/utils' import { JwtError } from './error' -import { ed25519KeySchema, ed25519PrivateKeySchema, ellipticKeySchema, privateKeySchema, rsaPrivateKeySchema, rsaPublicKeySchema } from './schemas' +import { + ed25519KeySchema, + ed25519PrivateKeySchema, + ellipticKeySchema, + privateKeySchema, + rsaPrivateKeySchema, + rsaPublicKeySchema +} from './schemas' import { Alg, Curves, Ed25519Key, Ed25519PrivateKey, + Ed25519PublicKey, EllipticKey, Hex, Jwk, 
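Review bot: `JwsdHeader` gains `z.literal('EDDSA')` only in the types.ts copy as far as this patch shows, while verify.ts imports `JwsdHeader` from `./schemas` and no schemas.ts hunk touches a `JwsdHeader` definition. schemas.ts appears to hold a parallel copy of these schemas, since the `Header` union and the Ed25519 key schemas are reformatted identically in both files here. If the schemas.ts copy still lacks `'EDDSA'`, EdDSA-signed JWSD headers would be rejected at parse time even though types.ts declares them allowed. Confirm the two algorithm lists match, or have one file re-export the other's schema so the accepted set is defined once.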
@@ -22,19 +31,16 @@ import { P256PublicKey, PrivateKey, PublicKey, - publicKeySchema, RsaPrivateKey, RsaPublicKey, Secp256k1PrivateKey, Secp256k1PublicKey, Use, + publicKeySchema } from './types' import { validateJwk } from './validate' -import { Ed25519PublicKey } from './types'; -import { sha512 } from '@noble/hashes/sha512' - -ed25519.utils.sha512Sync = (...m) => sha512(ed25519.utils.concatBytes(...m)); +ed25519.utils.sha512Sync = (...m) => sha512(ed25519.utils.concatBytes(...m)) export const algToJwk = ( alg: Alg @@ -130,14 +136,9 @@ export const ed25519PublicKeyToJwk = (publicKey: Hex, keyId?: string): Ed25519Pu } export const ed25519PrivateKeyToJwk = (privateKey: Hex, keyId?: string): Ed25519PrivateKey => { - console.log('Input private key:', privateKey) - const publicKey = toHex(ed25519.sync.getPublicKey(privateKey.slice(2))) - const publicJwk = ed25519PublicKeyToJwk(publicKey, keyId) - console.log('Public JWK:', publicJwk) - return { ...publicJwk, d: hexToBase64Url(privateKey) @@ -297,7 +298,7 @@ export const ed25519PrivateKeyToHex = (jwk: Jwk): Hex => { jwk, errorMessage: 'Invalid Ed25519 Key' }) - + return base64UrlToHex(key.d) } @@ -459,4 +460,4 @@ export const requestWithoutWildcardFields = ( return omit(cloneDeep(request), validPaths) } -export const ed25519polyfilled = ed25519 \ No newline at end of file +export const ed25519polyfilled = ed25519 diff --git a/packages/signature/src/lib/verify.ts b/packages/signature/src/lib/verify.ts index f221fa66b..621582f76 100644 --- a/packages/signature/src/lib/verify.ts +++ b/packages/signature/src/lib/verify.ts 
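Review bot: `ed25519PrivateKeyToJwk` in the `@@ -130,14 +136,9 @@` hunk of utils.ts removes the prefix with `privateKey.slice(2)` without checking that it is present, whereas `signEd25519` in sign.ts tests `isHex(privateKey)` before slicing. The `Hex` type protects this only at compile time; a bare-hex key arriving through a cast would lose its first byte, and any error would come from the library call rather than from this function. Mirroring the signer keeps the two paths consistent: `const rawKey = privateKey.startsWith('0x') ? privateKey.slice(2) : privateKey`. A short doc comment saying that the returned JWK carries the private scalar in `d` and must not be logged or serialised to untrusted sinks would also fit here. The function's closing lines are outside the hunk.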
@@ -1,11 +1,12 @@ import { p256 } from '@noble/curves/p256' import { secp256k1 } from '@noble/curves/secp256k1' import { sha256 as sha256Hash } from '@noble/hashes/sha256' +import { toBytes } from '@noble/hashes/utils' import { subtle } from 'crypto' -import { hexToBytes, isAddressEqual, recoverAddress, toHex } from 'viem' +import { hexToBytes, isAddressEqual, recoverAddress } from 'viem' import { decodeJwsd, decodeJwt } from './decode' import { JwtError } from './error' -import { hash } from './hash'; +import { hash } from './hash' import { JwsdHeader, publicKeySchema } from './schemas' import { eip191Hash } from './sign' import { isSecp256k1PublicKeyJwk } from './typeguards' @@ -22,10 +23,15 @@ import { SigningAlg, type Jwt } from './types' -import { base64UrlToHex, hexToBase64Url, nowSeconds, publicKeyToHex, requestWithoutWildcardFields } from './utils' +import { + base64UrlToHex, + ed25519polyfilled as ed25519, + hexToBase64Url, + nowSeconds, + publicKeyToHex, + requestWithoutWildcardFields +} from './utils' import { buildJwkValidator } from './validate' -import { ed25519polyfilled as ed25519 } from './utils' -import { toBytes } from '@noble/hashes/utils' export const checkRequiredClaims = (payload: Payload, opts: JwtVerifyOptions): boolean => { const requiredClaims = [ @@ -183,21 +189,7 @@ export const verifyEd25519 = async (sig: Uint8Array, msg: Uint8Array, jwk: Publi const pubKeyBytes = hexToBytes(pubKey) - console.log({ - sig, - sigL: sig.length, - msg: msg.length - }) - - console.log('publicKey ', pubKeyBytes) - console.log('msg', msg) - const isValid = await ed25519.verify( - sig, - msg, - pubKeyBytes - ) - - console.log('isValid', isValid) + const isValid = await ed25519.verify(sig, msg, pubKeyBytes) return isValid }
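Review bot: `verifyEd25519` in the last hunk of verify.ts returns `await ed25519.verify(sig, msg, pubKeyBytes)` directly, so the library's handling of a malformed signature or key becomes this function's behaviour. Depending on the @noble/ed25519 version, `verify` may throw on wrong-length or undecodable input rather than resolve to `false`. Confirm that callers treat such a throw the same as an invalid signature, or wrap it here, e.g. `try { return await ed25519.verify(sig, msg, pubKeyBytes) } catch { return false }`. The function's signature and the derivation of `pubKey` sit above the hunk, so how `jwk` is validated before this call is not visible.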