Skip to content

Commit 12ece30

Browse files
denbitedenbite
authored
Merge pull request #1625 from SmolinPavel/fix/biometric-add-ed25519-prefix
fix: Ensure passkey-derived keys are always treated as `ed25519`
2 parents ab5fcd3 + c0e8c19 commit 12ece30

File tree

2 files changed

+9
-5
lines changed

2 files changed

+9
-5
lines changed

.changeset/wise-mangos-push.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
---
2+
"@near-js/biometric-ed25519": patch
3+
---
4+
5+
Ensure passkey-derived keys are prefixed with ed25519

packages/biometric-ed25519/src/index.ts

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ import { ed25519 } from '@noble/curves/ed25519';
33
import { sha256 } from '@noble/hashes/sha256';
44
import { Buffer } from 'buffer';
55
import asn1 from 'asn1-parser';
6-
import { KeyPair } from '@near-js/crypto';
6+
import { KeyPair, KeyPairEd25519 } from '@near-js/crypto';
77
import { baseEncode } from '@near-js/utils';
88
import {
99
validateUsername,
@@ -18,7 +18,6 @@ import {
1818
} from './utils';
1919
import { Fido2 } from './fido2';
2020
import type { AssertionResponse } from './type';
21-
import { KeyPairString } from '@near-js/crypto';
2221

2322
const CHALLENGE_TIMEOUT_MS = 90 * 1000;
2423
const RP_NAME = 'NEAR_API_JS_WEBAUTHN';
@@ -87,7 +86,7 @@ export const createKey = async (username: string): Promise<KeyPair> => {
8786
const publicKeyBytes = get64BytePublicKeyFromPEM(publicKey);
8887
const secretKey = sha256.create().update(Buffer.from(publicKeyBytes)).digest();
8988
const pubKey = ed25519.getPublicKey(secretKey);
90-
return KeyPair.fromString(baseEncode(new Uint8Array(Buffer.concat([Buffer.from(secretKey), Buffer.from(pubKey)]))) as KeyPairString);
89+
return new KeyPairEd25519(baseEncode(Buffer.concat([Buffer.from(secretKey), Buffer.from(pubKey)])));
9190
});
9291
};
9392

@@ -130,8 +129,8 @@ export const getKeys = async (username: string): Promise<[KeyPair, KeyPair]> =>
130129
const firstEDPublic = ed25519.getPublicKey(firstEDSecret);
131130
const secondEDSecret = sha256.create().update(Buffer.from(correctPKs[1])).digest();
132131
const secondEDPublic = ed25519.getPublicKey(secondEDSecret);
133-
const firstKeyPair = KeyPair.fromString(baseEncode(new Uint8Array(Buffer.concat([Buffer.from(firstEDSecret), Buffer.from(firstEDPublic)]))) as KeyPairString);
134-
const secondKeyPair = KeyPair.fromString(baseEncode(new Uint8Array(Buffer.concat([Buffer.from(secondEDSecret), Buffer.from(secondEDPublic)]))) as KeyPairString);
132+
const firstKeyPair = new KeyPairEd25519(baseEncode(Buffer.concat([Buffer.from(firstEDSecret), Buffer.from(firstEDPublic)])));
133+
const secondKeyPair = new KeyPairEd25519(baseEncode(Buffer.concat([Buffer.from(secondEDSecret), Buffer.from(secondEDPublic)])));
135134
return [firstKeyPair, secondKeyPair];
136135
});
137136
};

0 commit comments

Comments
 (0)