OR13
commented
2 years ago for example:
const dilithium = require("../../util/api");
export const signer = (privateKeyJwk: any) => {
return {
async sign({ data }: { data: Uint8Array }) {
const api = await dilithium.init();
const signature = await api.sign(data, privateKeyJwk);
return Uint8Array.from(Buffer.from(signature, "base64"));
},
};
};
export const verifier = (publicKeyJwk: any) => {
return {
async verify({
data,
signature,
}: {
data: Uint8Array;
signature: Uint8Array;
}) {
let verified = false;
try {
const api = await dilithium.init();
const sig = Buffer.from(signature).toString("base64");
verified = await api.verify(data, sig, publicKeyJwk);
} catch (e) {
// console.error('An error occurred when verifying signature: ', e);
}
return verified;
},
};
};
currently:
in the future:
message needs to be a Uint8Array. publicKey and privateKey also need to be Uint8Array
publicKey = base64url.decode(privateKeyJwk.x) privateKey = base64url.decode(privateKeyJwk.d)
lowest level crypto should avoid passing around string encoded keys, signatures... serialization to string should happen only at an app boundary.
ideally these interface would also be type checked.