Use TypedArrays instead of ArrayBuffers with WebCrypto (bluesky-socia…

…l#742) * pass in ui8array not array buffer to webcrypto * added test
qwexvf · Mar 31, 2023 · 3c3569d · 3c3569d
1 parent 563c84c
commit 3c3569d
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 7 deletions.
diff --git a/packages/crypto/src/p256/keypair.ts b/packages/crypto/src/p256/keypair.ts
@@ -67,7 +67,7 @@ export class EcdsaKeypair implements Keypair {
     const buf = await webcrypto.subtle.sign(
       { name: 'ECDSA', hash: { name: 'SHA-256' } },
       this.keypair.privateKey,
-      msg.buffer,
+      new Uint8Array(msg),
     )
     return new Uint8Array(buf)
   }

diff --git a/packages/crypto/src/p256/operations.ts b/packages/crypto/src/p256/operations.ts
@@ -46,8 +46,8 @@ export const verify = async (
   return webcrypto.subtle.verify(
     { name: 'ECDSA', hash: { name: 'SHA-256' } },
     importedKey,
-    sig,
-    data,
+    new Uint8Array(sig),
+    new Uint8Array(data),
   )
 }
 
@@ -56,7 +56,7 @@ export const importEcdsaPublicKey = async (
 ): Promise<CryptoKey> => {
   return webcrypto.subtle.importKey(
     'raw',
-    keyBytes,
+    new Uint8Array(keyBytes),
     { name: 'ECDSA', namedCurve: 'P-256' },
     true,
     ['verify'],

diff --git a/packages/crypto/tests/export.test.ts → packages/crypto/tests/keypairs.test.ts b/packages/crypto/tests/export.test.ts → packages/crypto/tests/keypairs.test.ts
@@ -2,13 +2,14 @@ import EcdsaKeypair from '../src/p256/keypair'
 import Secp256k1Keypair from '../src/secp256k1/keypair'
 import * as p256 from '../src/p256/operations'
 import * as secp from '../src/secp256k1/operations'
+import { randomBytes } from '../src'
 
-describe('exports and reimports keys', () => {
+describe('keypairs', () => {
   describe('secp256k1', () => {
     let keypair: Secp256k1Keypair
     let imported: Secp256k1Keypair
 
-    it('has the same DID', async () => {
+    it('has the same DID on import', async () => {
       keypair = await Secp256k1Keypair.create({ exportable: true })
       const exported = await keypair.export()
       imported = await Secp256k1Keypair.import(exported, { exportable: true })
@@ -24,13 +25,23 @@ describe('exports and reimports keys', () => {
 
       expect(validSig).toBeTruthy()
     })
+
+    it('produces a valid signature on a typed array of a large arraybuffer', async () => {
+      const bytes = await randomBytes(8192)
+      const arrBuf = bytes.buffer
+      const sliceView = new Uint8Array(arrBuf, 1024, 1024)
+      expect(sliceView.buffer.byteLength).toBe(8192)
+      const sig = await imported.sign(sliceView)
+      const validSig = await secp.verifyDidSig(keypair.did(), sliceView, sig)
+      expect(validSig).toBeTruthy()
+    })
   })
 
   describe('P-256', () => {
     let keypair: EcdsaKeypair
     let imported: EcdsaKeypair
 
-    it('has the same DID', async () => {
+    it('has the same DID on import', async () => {
       keypair = await EcdsaKeypair.create({ exportable: true })
       const exported = await keypair.export()
       imported = await EcdsaKeypair.import(exported, { exportable: true })
@@ -46,5 +57,15 @@ describe('exports and reimports keys', () => {
 
       expect(validSig).toBeTruthy()
     })
+
+    it('produces a valid signature on a typed array of a large arraybuffer', async () => {
+      const bytes = await randomBytes(8192)
+      const arrBuf = bytes.buffer
+      const sliceView = new Uint8Array(arrBuf, 1024, 1024)
+      expect(sliceView.buffer.byteLength).toBe(8192)
+      const sig = await imported.sign(sliceView)
+      const validSig = await p256.verifyDidSig(keypair.did(), sliceView, sig)
+      expect(validSig).toBeTruthy()
+    })
   })
 })