How to use the @tanker/crypto.tcrypto.verifySignature function in @tanker/crypto
To help you get started, we’ve selected a few @tanker/crypto examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
TankerHQ / sdk-js / packages / core / src / __tests__ / Generator.spec.js View on Github 
it('should add a user given a userId', async () => {
await generator.newUserCreationV3('47');
expect(generator.pushedBlocks.length).to.equal(2);
expect(Object.keys(generator.users)).to.have.a.lengthOf(1);
expect(generator.users['47'].devices).to.have.a.lengthOf(1);
const userAddBlock = blockToEntry(generator.pushedBlocks[generator.pushedBlocks.length - 1]);
const userAddBlockPayload: UserDeviceRecord = (userAddBlock.payload_unverified: any);
const delegationBuffer = utils.concatArrays(userAddBlockPayload.ephemeral_public_signature_key, userAddBlockPayload.user_id);
expect(isDeviceCreation(userAddBlock.nature)).to.be.true;
expect(tcrypto.verifySignature(delegationBuffer, userAddBlockPayload.delegation_signature, trustchainKeys.publicKey)).to.equal(true);
expect(tcrypto.verifySignature(userAddBlock.hash, userAddBlock.signature, userAddBlockPayload.ephemeral_public_signature_key)).to.equal(true);
expect(userAddBlockPayload.public_signature_key).to.deep.equal(generator.users['47'].devices[0].signKeys.publicKey);
});it('should add a device when correct arguments are provided', async () => {
await generator.newUserCreationV3('47');
const deviceAddBlock = (await generator.newDeviceCreationV3({ userId: '47', parentIndex: 0 })).entry;
const deviceAddBlockPayload: UserDeviceRecord = (deviceAddBlock.payload_unverified: any);
const parentDevice = generator.users['47'].devices[0];
const { signature } = deviceAddBlock;
const { publicKey } = parentDevice.signKeys;
const delegationBuffer = utils.concatArrays(deviceAddBlockPayload.ephemeral_public_signature_key, deviceAddBlockPayload.user_id);
expect(isDeviceCreation(deviceAddBlock.nature)).to.be.true;
expect(generator.users['47'].devices[1].id).to.deep.equal(deviceAddBlock.hash);
expect(tcrypto.verifySignature(delegationBuffer, deviceAddBlockPayload.delegation_signature, publicKey)).to.equal(true);
expect(tcrypto.verifySignature(deviceAddBlock.hash, signature, deviceAddBlockPayload.ephemeral_public_signature_key)).to.equal(true);
});
});it('should add a user given a userId', async () => {
await generator.newUserCreationV3('47');
expect(generator.pushedBlocks.length).to.equal(2);
expect(Object.keys(generator.users)).to.have.a.lengthOf(1);
expect(generator.users['47'].devices).to.have.a.lengthOf(1);
const userAddBlock = blockToEntry(generator.pushedBlocks[generator.pushedBlocks.length - 1]);
const userAddBlockPayload: UserDeviceRecord = (userAddBlock.payload_unverified: any);
const delegationBuffer = utils.concatArrays(userAddBlockPayload.ephemeral_public_signature_key, userAddBlockPayload.user_id);
expect(isDeviceCreation(userAddBlock.nature)).to.be.true;
expect(tcrypto.verifySignature(delegationBuffer, userAddBlockPayload.delegation_signature, trustchainKeys.publicKey)).to.equal(true);
expect(tcrypto.verifySignature(userAddBlock.hash, userAddBlock.signature, userAddBlockPayload.ephemeral_public_signature_key)).to.equal(true);
expect(userAddBlockPayload.public_signature_key).to.deep.equal(generator.users['47'].devices[0].signKeys.publicKey);
});groupSignatureKeyPair,
groupEncryptionKeyPair,
[user],
[]
);
const entry = getGroupEntryFromBlock(block);
const record: UserGroupCreationRecordV2 = (entry: any);
expect(record.public_signature_key).to.deep.equal(groupSignatureKeyPair.publicKey);
expect(record.public_encryption_key).to.deep.equal(groupEncryptionKeyPair.publicKey);
expect(tcrypto.sealDecrypt(record.encrypted_group_private_signature_key, groupEncryptionKeyPair)).to.deep.equal(groupSignatureKeyPair.privateKey);
expect(record.encrypted_group_private_encryption_keys_for_users.length).to.deep.equal(1);
expect(record.encrypted_group_private_encryption_keys_for_users[0].public_user_encryption_key).to.deep.equal(userKeys.publicKey);
expect(tcrypto.sealDecrypt(record.encrypted_group_private_encryption_keys_for_users[0].encrypted_group_private_encryption_key, userKeys)).to.deep.equal(groupEncryptionKeyPair.privateKey);
const signData = getUserGroupCreationBlockSignDataV2(record);
expect(tcrypto.verifySignature(signData, record.self_signature, groupSignatureKeyPair.publicKey)).to.equal(true);
});groupSignatureKeyPair.privateKey,
previousGroupBlock,
groupEncryptionKeyPair.privateKey,
[user],
[]
);
const entry = getGroupEntryFromBlock(block);
const record: UserGroupAdditionRecordV2 = (entry: any);
expect(record.group_id).to.deep.equal(groupSignatureKeyPair.publicKey);
expect(record.previous_group_block).to.deep.equal(previousGroupBlock);
expect(record.encrypted_group_private_encryption_keys_for_users.length).to.deep.equal(1);
expect(record.encrypted_group_private_encryption_keys_for_users[0].public_user_encryption_key).to.deep.equal(userKeys.publicKey);
expect(tcrypto.sealDecrypt(record.encrypted_group_private_encryption_keys_for_users[0].encrypted_group_private_encryption_key, userKeys)).to.deep.equal(groupEncryptionKeyPair.privateKey);
const signData = getUserGroupAdditionBlockSignDataV2(record);
expect(tcrypto.verifySignature(signData, record.self_signature_with_current_key, groupSignatureKeyPair.publicKey)).to.equal(true);
});
});if (existingGroup && !utils.equalArray(existingGroup.publicEncryptionKey, currentPayload.public_encryption_key)) {
throw new InvalidBlockError('group_already_exists', 'a group with the same public signature key already exists', entry);
}
let selfSigBuffer;
if (entry.nature === NATURE.user_group_creation_v1) {
const versionedPayload: UserGroupCreationRecordV1 = (currentPayload: any);
selfSigBuffer = getUserGroupCreationBlockSignDataV1(versionedPayload);
} else if (entry.nature === NATURE.user_group_creation_v2) {
const versionedPayload: UserGroupCreationRecordV2 = (currentPayload: any);
selfSigBuffer = getUserGroupCreationBlockSignDataV2(versionedPayload);
} else {
throw new InvalidBlockError('invalid_nature', 'invalid nature for user group creation', { entry });
}
if (!tcrypto.verifySignature(selfSigBuffer, currentPayload.self_signature, currentPayload.public_signature_key))
throw new InvalidBlockError('invalid_self_signature', 'self signature is invalid', entry);
}export function verifyProvisionalIdentityClaim(entry: ClaimEntry, devicePublicSignatureKey: Uint8Array, authorUserId: Uint8Array) {
if (!utils.equalArray(entry.user_id, authorUserId))
throw new InvalidBlockError('invalid_author', 'Claim provisional identity author does not match claimed user ID', { entry, authorUserId });
if (!tcrypto.verifySignature(entry.hash, entry.signature, devicePublicSignatureKey))
throw new InvalidBlockError('invalid_signature', 'signature is invalid', entry);
const multiSignedPayload = utils.concatArrays(
entry.device_id,
entry.app_provisional_identity_signature_public_key,
entry.tanker_provisional_identity_signature_public_key,
);
if (!tcrypto.verifySignature(multiSignedPayload, entry.author_signature_by_app_key, entry.app_provisional_identity_signature_public_key))
throw new InvalidBlockError('invalid_signature', 'app signature is invalid', entry);
if (!tcrypto.verifySignature(multiSignedPayload, entry.author_signature_by_tanker_key, entry.tanker_provisional_identity_signature_public_key))
throw new InvalidBlockError('invalid_signature', 'tanker signature is invalid', entry);
}export function verifyDeviceCreation(entry: DeviceCreationEntry, authorUser: ?User, trustchainPublicKey: Uint8Array) {
if (!utils.isNullArray(entry.last_reset))
throw new InvalidBlockError('invalid_last_reset', 'last_reset is not null', { entry });
const userPublicKey = authorUser ? getLastUserPublicKey(authorUser) : null;
if (userPublicKey && entry.nature !== NATURE.device_creation_v3)
throw new InvalidBlockError('forbidden', 'device creation version mismatch', { entry });
if (!tcrypto.verifySignature(entry.hash, entry.signature, entry.ephemeral_public_signature_key))
throw new InvalidBlockError('invalid_signature', 'signature is invalid', { entry });
const delegationBuffer = utils.concatArrays(entry.ephemeral_public_signature_key, entry.user_id);
if (authorUser) {
const authorDevice: Device = find(authorUser.devices, d => utils.equalArray(d.deviceId, entry.author));
if (!tcrypto.verifySignature(delegationBuffer, entry.delegation_signature, authorDevice.devicePublicSignatureKey))
throw new InvalidBlockError('invalid_delegation_signature', 'invalid signature from device creation author', { entry, authorDevice });
if (authorDevice.revoked)
throw new InvalidBlockError('revoked_author_error', 'device creation author is revoked', { entry });
if (entry.nature === NATURE.device_creation_v3 && userPublicKey && entry.user_key_pair
&& !utils.equalArray(entry.user_key_pair.public_encryption_key, userPublicKey))
throw new InvalidBlockError('invalid_public_user_key', 'public_user_key is different than the author\'s one', { entry, authorDevice });export function verifyProvisionalIdentityClaim(entry: ClaimEntry, devicePublicSignatureKey: Uint8Array, authorUserId: Uint8Array) {
if (!utils.equalArray(entry.user_id, authorUserId))
throw new InvalidBlockError('invalid_author', 'Claim provisional identity author does not match claimed user ID', { entry, authorUserId });
if (!tcrypto.verifySignature(entry.hash, entry.signature, devicePublicSignatureKey))
throw new InvalidBlockError('invalid_signature', 'signature is invalid', entry);
const multiSignedPayload = utils.concatArrays(
entry.device_id,
entry.app_provisional_identity_signature_public_key,
entry.tanker_provisional_identity_signature_public_key,
);
if (!tcrypto.verifySignature(multiSignedPayload, entry.author_signature_by_app_key, entry.app_provisional_identity_signature_public_key))
throw new InvalidBlockError('invalid_signature', 'app signature is invalid', entry);
if (!tcrypto.verifySignature(multiSignedPayload, entry.author_signature_by_tanker_key, entry.tanker_provisional_identity_signature_public_key))
throw new InvalidBlockError('invalid_signature', 'tanker signature is invalid', entry);
}@tanker/crypto
Tanker SDK (cryptographic primitives)
Package Health Score
65 / 100Popular @tanker/crypto functions
- @tanker/crypto.generichash
- @tanker/crypto.random
- @tanker/crypto.tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE
- @tanker/crypto.tcrypto.getEncryptionKeyPairFromPrivateKey
- @tanker/crypto.tcrypto.HASH_SIZE
- @tanker/crypto.tcrypto.MAC_SIZE
- @tanker/crypto.tcrypto.makeEncryptionKeyPair
- @tanker/crypto.tcrypto.makeSignKeyPair
- @tanker/crypto.tcrypto.sealDecrypt
- @tanker/crypto.tcrypto.sealEncrypt
- @tanker/crypto.tcrypto.sign
- @tanker/crypto.tcrypto.SIGNATURE_PUBLIC_KEY_SIZE
- @tanker/crypto.tcrypto.SIGNATURE_SIZE
- @tanker/crypto.tcrypto.SYMMETRIC_KEY_SIZE
- @tanker/crypto.tcrypto.verifySignature
- @tanker/crypto.utils.concatArrays
- @tanker/crypto.utils.equalArray
- @tanker/crypto.utils.fromBase64
- @tanker/crypto.utils.fromString
- @tanker/crypto.utils.toBase64