trent_larson
/
crowd-funder-for-time-pwa
4
1
Fork 2
Code Pull Requests 4 Releases 5 Wiki Activity
Browse Source

Updates using noble single file modules

pull/78/head
Matthew Raymer 10 months ago
parent
fc37f475d5
commit
96fd4f68ef
6 changed files with 5026 additions and 5297 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      sw_scripts/additional-scripts.js
  2. 2230
      sw_scripts/noble-curves.js
  3. 3068
      sw_scripts/noble-hashes.js
  4. 195
      sw_scripts/safari-notifications.js
  5. 283
      sw_scripts/secp256k1.js
  6. 3542
      sw_scripts/sw-bn.js

1
sw_scripts/additional-scripts.js
View File

@ -10,6 +10,7 @@ self.addEventListener("install", (event) => {
"safari-notifications.js",
"nacl.js",
"noble-curves.js",
"noble-hashes.js",
);
console.log("scripts imported", event);
});

2230
sw_scripts/noble-curves.js
View File

File diff suppressed because it is too large

3068
sw_scripts/noble-hashes.js
View File

File diff suppressed because it is too large

195
sw_scripts/safari-notifications.js
View File

@ -1,12 +1,3 @@
async function generateSHA256Hash(data) {
const buffer = new TextEncoder().encode(data);
const hashBuffer = await crypto.subtle.digest("SHA-256", buffer);
const hashArray = Array.from(new Uint8Array(hashBuffer)); // convert buffer to byte array
const hashHex = hashArray
.map((byte) => byte.toString(16).padStart(2, "0"))
.join("");
return hashHex;
}
function bufferFromBase64(base64) {
const binaryString = atob(base64);
@ -20,23 +11,22 @@ function bufferFromBase64(base64) {
return bytes;
}
function fromString(str, encoding = 'utf8') {
if (encoding === 'utf8') {
function fromString(str, encoding = "utf8") {
if (encoding === "utf8") {
return new TextEncoder().encode(str);
} else if (encoding === 'base16') {
} else if (encoding === "base16") {
if (str.length % 2 !== 0) {
throw new Error('Invalid hex string length.');
throw new Error("Invalid hex string length.");
}
let bytes = new Uint8Array(str.length / 2);
for (let i = 0; i < str.length; i += 2) {
bytes[i / 2] = parseInt(str.substring(i, i + 2), 16);
}
return bytes;
} else if (encoding === 'base64url') {
str = str.replace(/-/g, '+').replace(/_/g, '/');
} else if (encoding === "base64url") {
str = str.replace(/-/g, "+").replace(/_/g, "/");
while (str.length % 4) {
str += '=';
str += "=";
}
return new Uint8Array(bufferFromBase64(str));
} else {
@ -44,7 +34,6 @@ function bufferFromBase64(base64) {
}
}
/**
* Convert a Uint8Array to a string with the given encoding.
*
@ -53,13 +42,13 @@ function bufferFromBase64(base64) {
* @returns {string} - The encoded string.
* @throws {Error} - Throws an error if the encoding is unsupported.
*/
function toString(byteArray, encoding = 'utf8') {
function toString(byteArray, encoding = "utf8") {
switch (encoding) {
case 'utf8':
case "utf8":
return decodeUTF8(byteArray);
case 'base16':
case "base16":
return toBase16(byteArray);
case 'base64url':
case "base64url":
return toBase64Url(byteArray);
default:
throw new Error(`Unsupported encoding "${encoding}"`);
@ -83,7 +72,9 @@ function bufferFromBase64(base64) {
* @returns {string}
*/
function toBase16(byteArray) {
return Array.from(byteArray).map(byte => byte.toString(16).padStart(2, '0')).join('');
return Array.from(byteArray)
.map((byte) => byte.toString(16).padStart(2, "0"))
.join("");
}
/**
@ -94,7 +85,7 @@ function bufferFromBase64(base64) {
*/
function toBase64Url(byteArray) {
let uint8Array = new Uint8Array(byteArray);
let binaryString = '';
let binaryString = "";
for (let i = 0; i < uint8Array.length; i++) {
binaryString += String.fromCharCode(uint8Array[i]);
}
@ -102,20 +93,19 @@ function bufferFromBase64(base64) {
// Encode to base64
let base64 = btoa(binaryString);
return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}
const u8a = { toString, fromString };
function sha256(payload) {
const data = typeof payload === 'string' ? u8a.fromString(payload) : payload;
return generateSHA256Hash(data);
const data = typeof payload === "string" ? u8a.fromString(payload) : payload;
return nobleHashes.sha256(data);
}
async function accessToken(identifier) {
const did = identifier['did'];
const privateKeyHex = identifier['keys'][0]['privateKeyHex'];
const did = identifier["did"];
const privateKeyHex = identifier["keys"][0]["privateKeyHex"];
const signer = await SimpleSigner(privateKeyHex);
@ -133,13 +123,16 @@ function bufferFromBase64(base64) {
return jwt;
}
async function createJWT(payload, options, header = {}) {
const { issuer, signer, alg, expiresIn, canonicalize } = options;
if (!signer) throw new Error('missing_signer: No Signer functionality has been configured');
if (!issuer) throw new Error('missing_issuer: No issuing DID has been configured');
if (!header.typ) header.typ = 'JWT';
if (!signer)
throw new Error(
"missing_signer: No Signer functionality has been configured",
);
if (!issuer)
throw new Error("missing_issuer: No issuing DID has been configured");
if (!header.typ) header.typ = "JWT";
if (!header.alg) header.alg = alg;
const timestamps = {
@ -148,10 +141,10 @@ function bufferFromBase64(base64) {
};
if (expiresIn) {
if (typeof expiresIn === 'number') {
if (typeof expiresIn === "number") {
timestamps.exp = (payload.nbf || timestamps.iat) + Math.floor(expiresIn);
} else {
throw new Error('invalid_argument: JWT expiresIn is not a number');
throw new Error("invalid_argument: JWT expiresIn is not a number");
}
}
@ -159,33 +152,37 @@ function bufferFromBase64(base64) {
return createJWS(fullPayload, signer, header, { canonicalize });
}
const defaultAlg = 'ES256K'
const defaultAlg = "ES256K";
async function createJWS(payload, signer, header = {}, options = {}) {
if (!header.alg) header.alg = defaultAlg;
const encodedPayload = typeof payload === 'string' ? payload : encodeSection(payload, options.canonicalize);
const signingInput = [encodeSection(header, options.canonicalize), encodedPayload].join('.');
const encodedPayload =
typeof payload === "string"
? payload
: encodeSection(payload, options.canonicalize);
const signingInput = [
encodeSection(header, options.canonicalize),
encodedPayload,
].join(".");
const jwtSigner = ES256KSignerAlg(false);
const signature = await jwtSigner(signingInput, signer);
// JWS Compact Serialization
// https://www.rfc-editor.org/rfc/rfc7515#section-7.1
return [signingInput, signature].join('.');
return [signingInput, signature].join(".");
}
function canonicalizeData(object) {
if (typeof object === 'number' && isNaN(object)) {
throw new Error('NaN is not allowed');
if (typeof object === "number" && isNaN(object)) {
throw new Error("NaN is not allowed");
}
if (typeof object === 'number' && !isFinite(object)) {
throw new Error('Infinity is not allowed');
if (typeof object === "number" && !isFinite(object)) {
throw new Error("Infinity is not allowed");
}
if (object === null || typeof object !== 'object') {
if (object === null || typeof object !== "object") {
return JSON.stringify(object);
}
@ -195,23 +192,24 @@ function bufferFromBase64(base64) {
if (Array.isArray(object)) {
const values = object.reduce((t, cv, ci) => {
const comma = ci === 0 ? '' : ',';
const value = cv === undefined || typeof cv === 'symbol' ? null : cv;
const comma = ci === 0 ? "" : ",";
const value = cv === undefined || typeof cv === "symbol" ? null : cv;
return `${t}${comma}${serialize(value)}`;
}, '');
}, "");
return `[${values}]`;
}
const values = Object.keys(object).sort().reduce((t, cv) => {
if (object[cv] === undefined ||
typeof object[cv] === 'symbol') {
const values = Object.keys(object)
.sort()
.reduce((t, cv) => {
if (object[cv] === undefined || typeof object[cv] === "symbol") {
return t;
}
const comma = t.length === 0 ? '' : ',';
const comma = t.length === 0 ? "" : ",";
return `${t}${comma}${serialize(cv)}:${serialize(object[cv])}`;
}, '');
}, "");
return `{${values}}`;
};
}
function encodeSection(data, shouldCanonicalize = false) {
if (shouldCanonicalize) {
@ -221,13 +219,12 @@ function bufferFromBase64(base64) {
}
}
function encodeBase64url(s) {
return bytesToBase64url(u8a.fromString(s))
return bytesToBase64url(u8a.fromString(s));
}
function instanceOfEcdsaSignature(object) {
return typeof object === 'object' && 'r' in object && 's' in object;
return typeof object === "object" && "r" in object && "s" in object;
}
function ES256KSignerAlg(recoverable) {
@ -236,8 +233,13 @@ function bufferFromBase64(base64) {
if (instanceOfEcdsaSignature(signature)) {
return toJose(signature, recoverable);
} else {
if (recoverable && typeof fromJose(signature).recoveryParam === 'undefined') {
throw new Error(`not_supported: ES256K-R not supported when signer doesn't provide a recovery param`);
if (
recoverable &&
typeof fromJose(signature).recoveryParam === "undefined"
) {
throw new Error(
`not_supported: ES256K-R not supported when signer doesn't provide a recovery param`,
);
}
return signature;
}
@ -246,21 +248,19 @@ function bufferFromBase64(base64) {
function leftpad(data, size = 64) {
if (data.length === size) return data;
return '0'.repeat(size - data.length) + data;
return "0".repeat(size - data.length) + data;
}
async function SimpleSigner(hexPrivateKey) {
const signer = await ES256KSigner(hexToBytes(hexPrivateKey), true);
return async (data) => {
const signature = (await signer(data));
const signature = await signer(data);
return fromJose(signature);
};
}
function hexToBytes(s, minLength) {
let input = s.startsWith('0x') ? s.substring(2) : s;
let input = s.startsWith("0x") ? s.substring(2) : s;
if (input.length % 2 !== 0) {
input = `0${input}`;
@ -268,74 +268,80 @@ function bufferFromBase64(base64) {
if (minLength) {
const paddedLength = Math.max(input.length, minLength * 2);
input = input.padStart(paddedLength, '00');
input = input.padStart(paddedLength, "00");
}
return u8a.fromString(input.toLowerCase(), 'base16');
return u8a.fromString(input.toLowerCase(), "base16");
}
function ES256KSigner(privateKey, recoverable = false) {
const privateKeyBytes = privateKey;
if (privateKeyBytes.length !== 32) {
throw new Error(`bad_key: Invalid private key format. Expecting 32 bytes, but got ${privateKeyBytes.length}`);
throw new Error(
`bad_key: Invalid private key format. Expecting 32 bytes, but got ${privateKeyBytes.length}`,
);
}
return async function (data) {
const hash = await sha256(data);
const signature = nobleCurves.secp256k1.sign(hash, privateKeyBytes);
return toJose({
const signature = nobleCurves.secp256k1.sign(sha256(data), privateKeyBytes);
console.error(signature);
return toJose(
{
r: leftpad(signature.r.toString(16)),
s: leftpad(signature.s.toString(16)),
recoveryParam: signature.recovery,
}, recoverable);
}
},
recoverable,
);
};
}
function toJose(signature, recoverable) {
const { r, s, recoveryParam } = signature;
const jose = new Uint8Array(recoverable ? 65 : 64);
jose.set(u8a.fromString(r, 'base16'), 0);
jose.set(u8a.fromString(s, 'base16'), 32);
jose.set(u8a.fromString(r, "base16"), 0);
jose.set(u8a.fromString(s, "base16"), 32);
if (recoverable) {
if (typeof recoveryParam === 'undefined') {
throw new Error('Signer did not return a recoveryParam');
if (typeof recoveryParam === "undefined") {
throw new Error("Signer did not return a recoveryParam");
}
jose[64] = recoveryParam;
}
return bytesToBase64url(jose);
}
function bytesToBase64url(b) {
return u8a.toString(b, 'base64url');
return u8a.toString(b, "base64url");
}
function base64ToBytes(s) {
const inputBase64Url = s.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '')
return u8a.fromString(inputBase64Url, 'base64url')
const inputBase64Url = s
.replace(/\+/g, "-")
.replace(/\//g, "_")
.replace(/=/g, "");
return u8a.fromString(inputBase64Url, "base64url");
}
function bytesToHex(b) {
return u8a.toString(b, 'base16')
return u8a.toString(b, "base16");
}
function fromJose(signature) {
const signatureBytes = base64ToBytes(signature);
if (signatureBytes.length < 64 || signatureBytes.length > 65) {
throw new TypeError(`Wrong size for signature. Expected 64 or 65 bytes, but got ${signatureBytes.length}`,);
throw new TypeError(
`Wrong size for signature. Expected 64 or 65 bytes, but got ${signatureBytes.length}`,
);
}
const r = bytesToHex(signatureBytes.slice(0, 32));
const s = bytesToHex(signatureBytes.slice(32, 64));
const recoveryParam = signatureBytes.length === 65 ? signatureBytes[64] : undefined;
const recoveryParam =
signatureBytes.length === 65 ? signatureBytes[64] : undefined;
return { r, s, recoveryParam };
}
function validateBase64(s) {
if (
!/^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.test(
@ -444,12 +450,15 @@ async function getNotificationCount() {
"Content-Type": "application/json",
};
headers["Authorization"] = "Bearer " + await accessToken(identifier);
headers["Authorization"] = "Bearer " + (await accessToken(identifier));
let response = await fetch("https://test-api.endorser.ch/api/v2/report/claims", {
method: 'GET',
let response = await fetch(
"https://test-api.endorser.ch/api/v2/report/claims",
{
method: "GET",
headers: headers,
});
},
);
console.error(did, response.status);
console.error(await response.json());

283
sw_scripts/secp256k1.js
View File

@ -1,283 +0,0 @@
(function () {
randomBytes = (length) => self.crypto.getRandomValues(new Uint8Array(length));
self.Secp256k1 = exports = {};
function uint256(x, base) {
return new BN(x, base);
}
function rnd(P) {
return uint256(randomBytes(32)).umod(P); //TODO red
}
const A = uint256(0);
const B = uint256(7);
const GX = uint256(
"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
16,
);
const GY = uint256(
"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8",
16,
);
const P = uint256(
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",
16,
);
const N = uint256(
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",
16,
);
//const RED = BN.red(P)
const _0 = uint256(0);
const _1 = uint256(1);
// function for elliptic curve multiplication in jacobian coordinates using Double-and-add method
function ecmul(_p, _d) {
let R = [_0, _0, _0];
//return (0,0) if d=0 or (x1,y1)=(0,0)
if (_d == 0 || (_p[0] == 0 && _p[1] == 0)) {
return R;
}
let T = [
_p[0], //x-coordinate temp
_p[1], //y-coordinate temp
_p[2], //z-coordinate temp
];
const d = _d.clone();
while (d != 0) {
if (d.testn(0)) {
//if last bit is 1 add T to result
R = ecadd(T, R);
}
T = ecdouble(T); //double temporary coordinates
d.iushrn(1); //"cut off" last bit
}
return R;
}
function mulmod(a, b, P) {
return a.mul(b).umod(P); //TODO red
}
function addmod(a, b, P) {
return a.add(b).umod(P); //TODO red
}
function invmod(a, P) {
return a.invm(P); //TODO redq
}
function mulG(k) {
const GinJ = AtoJ(GX, GY);
const PUBinJ = ecmul(GinJ, k);
return JtoA(PUBinJ);
}
function assert(cond, msg) {
if (!cond) {
throw Error("assertion failed: " + msg);
}
}
function ecsign(d, z) {
assert(d != 0, "d must not be 0");
assert(z != 0, "z must not be 0");
while (true) {
const k = rnd(P);
const R = mulG(k);
if (R[0] == 0) continue;
const s = mulmod(invmod(k, N), addmod(z, mulmod(R[0], d, N), N), N);
if (s == 0) continue;
//FIXME: why do I need this
if (s.testn(255)) continue;
return { r: toHex(R[0]), s: toHex(s), v: R[1].testn(0) ? 1 : 0 };
}
}
function JtoA(p) {
const zInv = invmod(p[2], P);
const zInv2 = mulmod(zInv, zInv, P);
return [mulmod(p[0], zInv2, P), mulmod(p[1], mulmod(zInv, zInv2, P), P)];
}
//point doubling for elliptic curve in jacobian coordinates
//formula from https://en.wikibooks.org/wiki/Cryptography/Prime_Curve/Jacobian_Coordinates
function ecdouble(_p) {
if (_p[1] == 0) {
//return point at infinity
return [_1, _1, _0];
}
const z2 = mulmod(_p[2], _p[2], P);
const m = addmod(
mulmod(A, mulmod(z2, z2, P), P),
mulmod(uint256(3), mulmod(_p[0], _p[0], P), P),
P,
);
const y2 = mulmod(_p[1], _p[1], P);
const s = mulmod(uint256(4), mulmod(_p[0], y2, P), P);
const x = addmod(mulmod(m, m, P), negmod(mulmod(s, uint256(2), P), P), P);
return [
x,
addmod(
mulmod(m, addmod(s, negmod(x, P), P), P),
negmod(mulmod(uint256(8), mulmod(y2, y2, P), P), P),
P,
),
mulmod(uint256(2), mulmod(_p[1], _p[2], P), P),
];
}
function negmod(a, P) {
return P.sub(a);
}
// point addition for elliptic curve in jacobian coordinates
// formula from https://en.wikibooks.org/wiki/Cryptography/Prime_Curve/Jacobian_Coordinates
function ecadd(_p, _q) {
if (_q[0] == 0 && _q[1] == 0 && _q[2] == 0) {
return _p;
}
let z2 = mulmod(_q[2], _q[2], P);
const u1 = mulmod(_p[0], z2, P);
const s1 = mulmod(_p[1], mulmod(z2, _q[2], P), P);
z2 = mulmod(_p[2], _p[2], P);
let u2 = mulmod(_q[0], z2, P);
let s2 = mulmod(_q[1], mulmod(z2, _p[2], P), P);
if (u1.eq(u2)) {
if (!s1.eq(s2)) {
//return point at infinity
return [_1, _1, _0];
} else {
return ecdouble(_p);
}
}
u2 = addmod(u2, negmod(u1, P), P);
z2 = mulmod(u2, u2, P);
const t2 = mulmod(u1, z2, P);
z2 = mulmod(u2, z2, P);
s2 = addmod(s2, negmod(s1, P), P);
const x = addmod(
addmod(mulmod(s2, s2, P), negmod(z2, P), P),
negmod(mulmod(uint256(2), t2, P), P),
P,
);
return [
x,
addmod(
mulmod(s2, addmod(t2, negmod(x, P), P), P),
negmod(mulmod(s1, z2, P), P),
P,
),
mulmod(u2, mulmod(_p[2], _q[2], P), P),
];
}
function AtoJ(x, y) {
return [uint256(x), uint256(y), _1];
}
function isValidPoint(x, y) {
const yy = addmod(mulmod(mulmod(x, x, P), x, P), B, P);
return yy.eq(mulmod(y, y, P));
}
function toHex(bn) {
return (
"00000000000000000000000000000000000000000000000000000000000000000000000000000000" +
bn.toString(16)
).slice(-64);
}
function decompressKey(x, yBit) {
let redP = BN.red("k256");
x = x.toRed(redP);
const y = x.redMul(x).redMul(x).redAdd(B.toRed(redP)).redSqrt();
const sign = y.testn(0);
return (sign != yBit ? y.redNeg() : y).fromRed();
}
function generatePublicKeyFromPrivateKeyData(pk) {
const p = mulG(pk);
return { x: toHex(p[0]), y: toHex(p[1]) };
}
function ecrecover(recId, sigr, sigs, message) {
assert(recId >= 0 && recId <= 3, "recId must be 0..3");
assert(sigr != 0, "sigr must not be 0");
assert(sigs != 0, "sigs must not be 0");
// 1.0 For j from 0 to h (h == recId here and the loop is outside this function)
// 1.1 Let x = r + jn
const x = addmod(uint256(sigr), P.muln(recId >> 1), P);
// 1.2. Convert the integer x to an octet string X of length mlen using the conversion routine
// specified in Section 2.3.7, where mlen = ⌈(log2 p)/8⌉ or mlen = ⌈m/8⌉.
// 1.3. Convert the octet string (16 set binary digits)||X to an elliptic curve point R using the
// conversion routine specified in Section 2.3.4. If this conversion routine outputs “invalid”, then
// do another iteration of Step 1.
//
// More concisely, what these points mean is to use X as a compressed public key.
if (x.gte(P)) {
// Cannot have point co-ordinates larger than this as everything takes place modulo Q.
return null;
}
// Compressed keys require you to know an extra bit of data about the y-coord as there are two possibilities.
// So it's encoded in the recId.
const y = decompressKey(x, (recId & 1) == 1);
// 1.4. If nR != point at infinity, then do another iteration of Step 1 (callers responsibility).
// if (!R.mul(N).isInfinity())
// return null
// 1.5. Compute e from M using Steps 2 and 3 of ECDSA signature verification.
const e = uint256(message);
// 1.6. For k from 1 to 2 do the following. (loop is outside this function via iterating recId)
// 1.6.1. Compute a candidate public key as:
// Q = mi(r) * (sR - eG)
//
// Where mi(x) is the modular multiplicative inverse. We transform this into the following:
// Q = (mi(r) * s ** R) + (mi(r) * -e ** G)
// Where -e is the modular additive inverse of e, that is z such that z + e = 0 (mod n). In the above equation
// ** is point multiplication and + is point addition (the EC group operator).
//
// We can find the additive inverse by subtracting e from zero then taking the mod. For example the additive
// inverse of 3 modulo 11 is 8 because 3 + 8 mod 11 = 0, and -3 mod 11 = 8.
const eNeg = negmod(e, N);
const rInv = invmod(sigr, N);
const srInv = mulmod(rInv, sigs, N);
const eNegrInv = mulmod(rInv, eNeg, N);
const R = AtoJ(x, y);
const G = AtoJ(GX, GY);
const qinJ = ecadd(ecmul(G, eNegrInv), ecmul(R, srInv));
const p = JtoA(qinJ);
return { x: toHex(p[0]), y: toHex(p[1]) };
}
function ecverify(Qx, Qy, sigr, sigs, z) {
if (sigs == 0 || sigr == 0) {
return false;
}
const w = invmod(sigs, N);
const u1 = mulmod(z, w, N);
const u2 = mulmod(sigr, w, N);
const Q = AtoJ(Qx, Qy);
const G = AtoJ(GX, GY);
const RinJ = ecadd(ecmul(G, u1), ecmul(Q, u2));
const r = JtoA(RinJ);
return sigr.eq(r[0]);
}
exports.uint256 = uint256;
exports.ecsign = ecsign;
exports.ecrecover = ecrecover;
exports.generatePublicKeyFromPrivateKeyData =
generatePublicKeyFromPrivateKeyData;
exports.decompressKey = decompressKey;
exports.isValidPoint = isValidPoint;
exports.ecverify = ecverify;
})();

3542
sw_scripts/sw-bn.js
View File

File diff suppressed because it is too large
Write Preview
Loading…
Cancel
Save