diff --git a/package.json b/package.json index 088fd4c1..9d4d49af 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ }, "dependencies": { "@interledger/open-payments": "^7.1.3", - "@noble/ed25519": "^2.3.0", + "@noble/ed25519": "^3.0.0", "@noble/hashes": "^2.0.1", "@radix-ui/react-tabs": "^1.1.13", "awilix": "^12.0.5", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index a8fb74d0..3d5558ee 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -19,8 +19,8 @@ importers: specifier: ^7.1.3 version: 7.1.3 '@noble/ed25519': - specifier: ^2.3.0 - version: 2.3.0 + specifier: ^3.0.0 + version: 3.0.0 '@noble/hashes': specifier: ^2.0.1 version: 2.0.1 @@ -821,8 +821,8 @@ packages: '@napi-rs/wasm-runtime@0.2.11': resolution: {integrity: sha512-9DPkXtvHydrcOsopiYpUgPHpmj0HWZKMUnL2dZqpvC42lsratuBG06V5ipyno0fUek5VlFsNQ+AcFATSrJXgMA==} - '@noble/ed25519@2.3.0': - resolution: {integrity: sha512-M7dvXL2B92/M7dw9+gzuydL8qn/jiqNHaoR3Q+cb1q1GHV7uwE17WCyFMG+Y+TZb5izcaXk5TdJRrDUxHXL78A==} + '@noble/ed25519@3.0.0': + resolution: {integrity: sha512-QyteqMNm0GLqfa5SoYbSC3+Pvykwpn95Zgth4MFVSMKBB75ELl9tX1LAVsN4c3HXOrakHsF2gL4zWDAYCcsnzg==} '@noble/hashes@2.0.1': resolution: {integrity: sha512-XlOlEbQcE9fmuXxrVTXCTlG2nlRXa9Rj3rr5Ue/+tX+nmkgbX720YHh0VR3hBF9xDvwnb8D2shVGOwNx+ulArw==} @@ -4251,7 +4251,7 @@ snapshots: '@tybys/wasm-util': 0.9.0 optional: true - '@noble/ed25519@2.3.0': {} + '@noble/ed25519@3.0.0': {} '@noble/hashes@2.0.1': {} diff --git a/src/background/services/openPayments.ts b/src/background/services/openPayments.ts index a16eafd9..ada9da6e 100644 --- a/src/background/services/openPayments.ts +++ b/src/background/services/openPayments.ts 
@@ -4,7 +4,8 @@ import { createAuthenticatedClient, OpenPaymentsClientError, } from '@interledger/open-payments/dist/client'; -import * as ed from '@noble/ed25519'; +import { signAsync } from '@noble/ed25519'; +import { hexToBytes } from '@noble/hashes/utils.js'; import type { Request } from 'http-message-signatures'; import { signMessage } from 'http-message-signatures/lib/httpbis'; import { createContentDigestHeader } from 'httpbis-digest-headers'; @@ -98,7 +99,7 @@ export class OpenPaymentsService { id: keyId, alg: 'ed25519', async sign(data: Uint8Array) { - return Buffer.from(await ed.signAsync(data, key.slice(16))); + return Buffer.from(await signAsync(data, key)); }, }; } @@ -162,7 +163,12 @@ export class OpenPaymentsService { async initClient(walletAddressUrl: string) { const { privateKey, keyId } = await this.getPrivateKeyInformation(); - + let privateKeyBytes = hexToBytes(privateKey); + if (privateKeyBytes.length === 48) { + // For keys generated before https://github.com/interledger/web-monetization-extension/pull/1192 + // biome-ignore format: inline array looks cleaner + privateKeyBytes = privateKeyBytes.slice(16) + } this.client = await createAuthenticatedClient({ validateResponses: false, requestTimeoutMs: 10_000, @@ -185,7 +191,7 @@ export class OpenPaymentsService { ? JSON.stringify(await request.json()) : undefined, }, - privateKey: ed.etc.hexToBytes(privateKey), + privateKey: privateKeyBytes, keyId, }); diff --git a/src/shared/crypto.ts b/src/shared/crypto.ts index de2456bb..7f80499e 100644 --- a/src/shared/crypto.ts +++ b/src/shared/crypto.ts 
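Review bot: The `sign` callback now hands `key` to `signAsync` as-is, so a key stored in the old 48-byte PKCS#8-prefixed form reaches the signer with its prefix still attached unless the caller strips it first. The only legacy handling visible in this commit is the `length === 48` branch in `initClient`; where `key` comes from is outside this hunk, so this may already be covered, but nothing here shows it. If it is not, apply the same normalisation on this path, e.g. `const rawKey = key.length === 48 ? key.slice(16) : key;` followed by `return Buffer.from(await signAsync(data, rawKey));`, or move the normalisation into one helper that both paths call. The enclosing function starts before the hunk.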
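Review bot: The legacy branch in `initClient` decides the key format from length alone: a 48-byte value has its first 16 bytes dropped without checking that they are the PKCS#8 header, and any other length is passed to `createAuthenticatedClient` unchecked. Since this value is the signing key read from storage, I would fail closed after the branch with `if (privateKeyBytes.length !== 32) throw new Error('Unexpected Ed25519 private key length');` so a corrupted or truncated entry surfaces here rather than inside the client. The `// biome-ignore format: inline array looks cleaner` comment no longer sits above an array literal and can go, and the `slice(16)` line is missing its semicolon. `initClient` continues past the end of the hunk.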
@@ -1,18 +1,8 @@ -import * as ed from '@noble/ed25519'; +import { keygenAsync } from '@noble/ed25519'; export async function generateEd25519KeyPair() { - const rawPrivateKey = ed.utils.randomPrivateKey(); - // PKCS#8 format (version + algorithm) - // Adding these values upfront solves the future import of the key using - // `crypto.subtle.importKey` once the WebCrypto API supports the Ed25519 algorithm. - // biome-ignore format: inline array looks cleaner - const privateKey = new Uint8Array([ - 48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32, - ...rawPrivateKey, - ]) - const publicKey = await ed.getPublicKeyAsync(rawPrivateKey); - - return { privateKey, publicKey }; + const keyPair = await keygenAsync(); + return { privateKey: keyPair.secretKey, publicKey: keyPair.publicKey }; } export function exportJWK(key: Uint8Array, kid: string) {
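Review bot: `generateEd25519KeyPair` now returns the raw 32-byte `secretKey` where it used to return a 48-byte PKCS#8-prefixed array, and nothing on the function says so. Stored keys will therefore exist in two encodings told apart only by length, and any consumer that persists, exports or imports `privateKey` (outside this hunk) has to know which one it holds. I would add a doc comment such as `/** Returns a raw 32-byte Ed25519 secret key (no PKCS#8 prefix) and its public key; keys created before this change carry a 16-byte prefix. */` and an explicit return type, `Promise<{ privateKey: Uint8Array; publicKey: Uint8Array }>`.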