mirror of
https://github.com/amark/gun.git
synced 2025-03-30 15:08:33 +00:00
f0cce073a8
* feat: create pair with seed, content addressing with shorter hash * feat: create pair using priv/epriv * optimize SEA.pair * feat: globalThis along with window * white labeling * feat: add WebAuthn example and enhance SEA.sign, SEA.verify, SEA check.pub, for WebAuthn support * feat: enhance WebAuthn integration with new put options and improved signature handling * polish SEA.sign and SEA.verify * feat: localize options in SEA.check.pub to enhance security and prevent attacks * fix: correct destructuring of user object to enhance security in SEA * rebuild SEA * feat: support ArrayBuffer as seed for key pair generation in SEA * test: add unit test for hashing ArrayBuffer in SEA * fix: create deterministic key pair from seed * fix: add missing B parameter for ECC curve and implement point validation * feat: add ArrayBuffer support for hashing in SEA and implement corresponding unit test * fix: convert numeric salt to string in PBKDF2 implementation * fix: convert numeric salt option to string in PBKDF2 implementation * improve hashing tests * improve sea.work * rebuild SEA * improve SEA.work and rebuild SEA * enhance SEA encryption handling and improve test coverage for SEA functions --------- Co-authored-by: noname <x@null.com> Co-authored-by: x <x@mimiza.com> Co-authored-by: x <null> Co-authored-by: noname <no@name.com>
71 lines
2.3 KiB
JavaScript
71 lines
2.3 KiB
JavaScript
;(function(){
|
|
|
|
var SEA = require('./root');
|
|
var shim = require('./shim');
|
|
var S = require('./settings');
|
|
var sha = require('./sha256');
|
|
var u;
|
|
|
|
async function n(r, o, c) {
|
|
try {
|
|
if(!o.raw){ r = 'SEA' + await shim.stringify(r) }
|
|
if(c){ try{ c(r) }catch(e){} }
|
|
return r;
|
|
} catch(e) { return r }
|
|
}
|
|
|
|
async function w(r, j, o, c) {
|
|
var x = {
|
|
m: j,
|
|
s: r.signature ? shim.Buffer.from(r.signature, 'binary').toString(o.encode || 'base64') : u,
|
|
a: shim.Buffer.from(r.authenticatorData, 'binary').toString('base64'),
|
|
c: shim.Buffer.from(r.clientDataJSON, 'binary').toString('base64')
|
|
};
|
|
if (!x.s || !x.a || !x.c) throw "WebAuthn signature invalid";
|
|
return n(x, o, c);
|
|
}
|
|
|
|
async function k(p, j, o, c) {
|
|
var x = S.jwk(p.pub, p.priv);
|
|
if (!x) throw "Invalid key pair";
|
|
var h = await sha(j);
|
|
var s = await (shim.ossl || shim.subtle).importKey('jwk', x, S.ecdsa.pair, false, ['sign'])
|
|
.then((k) => (shim.ossl || shim.subtle).sign(S.ecdsa.sign, k, new Uint8Array(h)))
|
|
.catch(() => { throw "SEA signature failed" });
|
|
return n({m: j, s: shim.Buffer.from(s, 'binary').toString(o.encode || 'base64')}, o, c);
|
|
}
|
|
|
|
SEA.sign = SEA.sign || (async (data, pair, cb, opt) => { try {
|
|
opt = opt || {};
|
|
if(u === data) throw '`undefined` not allowed.';
|
|
if(!(pair||opt).priv && typeof pair !== 'function'){
|
|
if(!SEA.I) throw 'No signing key.';
|
|
pair = await SEA.I(null, {what: data, how: 'sign', why: opt.why});
|
|
}
|
|
|
|
var j = await S.parse(data);
|
|
var c = opt.check = opt.check || j;
|
|
|
|
if(SEA.verify && (S.check(c) || (c && c.s && c.m))
|
|
&& u !== await SEA.verify(c, pair)){
|
|
return n(await S.parse(c), opt, cb);
|
|
}
|
|
|
|
if(typeof pair === 'function') {
|
|
var r = await pair(data);
|
|
return r.authenticatorData ? w(r, j, opt, cb) :
|
|
n({m: j, s: typeof r === 'string' ? r :
|
|
r.signature && shim.Buffer.from(r.signature, 'binary').toString(opt.encode || 'base64')}, opt, cb);
|
|
}
|
|
|
|
return k(pair, j, opt, cb);
|
|
} catch(e) {
|
|
SEA.err = e;
|
|
if(SEA.throw){ throw e }
|
|
if(cb){ cb() }
|
|
return;
|
|
}});
|
|
|
|
module.exports = SEA.sign;
|
|
|
|
}()); |