+5

.changeset/puny-mugs-bake.md

reviewed

··· 1 1 + --- 2 2 + '@atcute/crypto': patch 3 3 + --- 4 4 + 5 5 + try compressed point import

+53 -60

packages/utilities/crypto/lib/keypairs/p256.ts

reviewed

··· 12 12 compressPoint, 13 13 deriveEcPublicKeyFromPrivateKey, 14 14 isSignatureNormalized, 15 15 + isUncompressedPoint, 15 16 normalizeSignature, 16 17 toMultikey, 17 18 } from '../utils.ts'; ··· 26 27 hash: 'SHA-256', 27 28 } as const; 28 29 29 29 - // TODO(2026-12-09): set this to true, importing compressed EC keys should be widely available by then 30 30 - // Firefox added support in 2025-10-29, Firefox 146 scheduled release is 2025-12-09 31 31 - // WebKit added support in 2022-09-10 but only in SPKI format (why???) 32 32 - const SUPPORTS_COMPRESSED_EC_KEYS = false; 30 30 + // importing raw compressed EC points is supported on Node, Bun, Deno, Chrome, 31 31 + // and Firefox 132+. WebKit does not support it (as of 2026-03-18). 32 32 + // `undefined` means we haven't probed yet — the first import will try compressed 33 33 + // and set this based on whether it succeeds. 34 34 + let IS_COMPRESSED_POINT_SUPPORTED: boolean | undefined; 35 35 + 36 36 + const importPublicKey = async ( 37 37 + publicKeyBytes: Uint8Array, 38 38 + extractable: boolean, 39 39 + usages: KeyUsage[], 40 40 + ): Promise<CryptoKey> => { 41 41 + if (IS_COMPRESSED_POINT_SUPPORTED === true || isUncompressedPoint(publicKeyBytes)) { 42 42 + return crypto.subtle.importKey('raw', publicKeyBytes as BufferSource, ECDSA_ALG, extractable, usages); 43 43 + } 44 44 + 45 45 + if (IS_COMPRESSED_POINT_SUPPORTED === false) { 46 46 + return crypto.subtle.importKey( 47 47 + 'raw', 48 48 + uncompressP256Point(publicKeyBytes), 49 49 + ECDSA_ALG, 50 50 + extractable, 51 51 + usages, 52 52 + ); 53 53 + } 54 54 + 55 55 + try { 56 56 + const key = await crypto.subtle.importKey( 57 57 + 'raw', 58 58 + publicKeyBytes as BufferSource, 59 59 + ECDSA_ALG, 60 60 + extractable, 61 61 + usages, 62 62 + ); 63 63 + 64 64 + IS_COMPRESSED_POINT_SUPPORTED = true; 65 65 + return key; 66 66 + } catch { 67 67 + const key = await crypto.subtle.importKey( 68 68 + 'raw', 69 69 + uncompressP256Point(publicKeyBytes), 70 70 + ECDSA_ALG, 71 71 + extractable, 72 72 + usages, 73 73 + ); 74 74 + 75 75 + IS_COMPRESSED_POINT_SUPPORTED = false; 76 76 + return key; 77 77 + } 78 78 + }; 33 79 34 80 const ASN1_ALGORITHM_IDENTIFIER = Uint8Array.from([ 35 81 ...[/* SEQ */ 0x30, /* len */ 0x13], // AlgorithmIdentifier ··· 57 103 /**********/ ...[/* OCT_STR */ 0x04, /* len: 32 */ 0x20 /* ... */], 58 104 ]); 59 105 60 60 - const SPKI_PREFIX = Uint8Array.from([ 61 61 - ...[/* SEQ */ 0x30, /* len */ 0x39], // SubjectPublicKeyInfo 62 62 - /**/ ...ASN1_ALGORITHM_IDENTIFIER, // AlgorithmIdentifier 63 63 - /**/ ...[/* BIT_STR */ 0x03, /* len: 33 */ 0x22, 0x00 /* ... */], // PublicKey 64 64 - ]); 65 65 - 66 106 export class P256PublicKey implements PublicKey { 67 107 readonly type = 'p256'; 68 108 readonly jwtAlg = 'ES256'; ··· 76 116 } 77 117 78 118 static async importRaw(publicKeyBytes: Uint8Array): Promise<P256PublicKey> { 79 79 - let imported: CryptoKey; 80 80 - 81 81 - if (!SUPPORTS_COMPRESSED_EC_KEYS) { 82 82 - imported = await crypto.subtle.importKey('raw', uncompressP256Point(publicKeyBytes), ECDSA_ALG, true, [ 83 83 - 'verify', 84 84 - ]); 85 85 - } else { 86 86 - imported = await crypto.subtle.importKey( 87 87 - 'spki', 88 88 - concat([SPKI_PREFIX, publicKeyBytes]), 89 89 - ECDSA_ALG, 90 90 - true, 91 91 - ['verify'], 92 92 - ); 93 93 - } 94 94 - 119 119 + const imported = await importPublicKey(publicKeyBytes, true, ['verify']); 95 120 return new P256PublicKey(imported); 96 121 } 97 122 ··· 177 202 let publicKey: CryptoKey; 178 203 179 204 if (publicKeyBytes) { 180 180 - if (!SUPPORTS_COMPRESSED_EC_KEYS) { 181 181 - publicKey = await crypto.subtle.importKey( 182 182 - 'raw', 183 183 - uncompressP256Point(publicKeyBytes), 184 184 - ECDSA_ALG, 185 185 - true, 186 186 - ['verify'], 187 187 - ); 188 188 - } else { 189 189 - publicKey = await crypto.subtle.importKey( 190 190 - 'spki', 191 191 - concat([SPKI_PREFIX, publicKeyBytes]), 192 192 - ECDSA_ALG, 193 193 - true, 194 194 - ['verify'], 195 195 - ); 196 196 - } 205 205 + publicKey = await importPublicKey(publicKeyBytes, true, ['verify']); 197 206 } else { 198 207 publicKey = await deriveEcPublicKeyFromPrivateKey(privateKey, ['verify']); 199 208 } ··· 264 273 let publicKey: CryptoKey; 265 274 266 275 if (publicKeyBytes) { 267 267 - if (!SUPPORTS_COMPRESSED_EC_KEYS) { 268 268 - publicKey = await crypto.subtle.importKey( 269 269 - 'raw', 270 270 - uncompressP256Point(publicKeyBytes), 271 271 - ECDSA_ALG, 272 272 - true, 273 273 - ['verify'], 274 274 - ); 275 275 - } else { 276 276 - publicKey = await crypto.subtle.importKey( 277 277 - 'spki', 278 278 - concat([SPKI_PREFIX, publicKeyBytes]), 279 279 - ECDSA_ALG, 280 280 - true, 281 281 - ['verify'], 282 282 - ); 283 283 - } 276 276 + publicKey = await importPublicKey(publicKeyBytes, true, ['verify']); 284 277 } else { 285 278 publicKey = await deriveEcPublicKeyFromPrivateKey(privateKey, ['verify']); 286 279 }