Suite of AT Protocol TypeScript libraries built on web standards
1import { fromString } from "@atp/bytes";
2import { parseDidKey } from "./did.ts";
3import { plugins } from "./plugins.ts";
4import type { VerifyOptions } from "./types.ts";
5
6/**
7 * Verifies a given signature is valid for the given data using the specified DID key and algorithm.
8 * @param didKey - The DID key to verify the signature with
9 * @param data - The data to verify the signature against
10 * @param sig - The signature to verify
11 * @param opts - Options for loosening verification and jwt algorithm
12 * @returns True if the signature is valid, false otherwise
13 */
14export const verifySignature = (
15 didKey: string,
16 data: Uint8Array,
17 sig: Uint8Array,
18 opts?: VerifyOptions & {
19 jwtAlg?: string;
20 },
21): boolean => {
22 const parsed = parseDidKey(didKey);
23 if (opts?.jwtAlg && opts.jwtAlg !== parsed.jwtAlg) {
24 throw new Error(`Expected key alg ${opts.jwtAlg}, got ${parsed.jwtAlg}`);
25 }
26 const plugin = plugins.find((p) => p.jwtAlg === parsed.jwtAlg);
27 if (!plugin) {
28 throw new Error(`Unsupported signature alg: ${parsed.jwtAlg}`);
29 }
30 return plugin.verifySignature(didKey, data, sig, opts);
31};
32
33/**
34 * {@linkcode verifySignature} with string inputs converted to bytes using UTF-8 encoding
35 * @param didKey - The DID key string to verify the signature with
36 * @param data - The data string to verify the signature against
37 * @param sig - The signature string to verify
38 * @param opts - Options for loosening verification
39 * @returns True if the signature is valid, false otherwise
40 */
41export const verifySignatureUtf8 = (
42 didKey: string,
43 data: string,
44 sig: string,
45 opts?: VerifyOptions,
46): boolean => {
47 const dataBytes = fromString(data, "utf8");
48 const sigBytes = fromString(sig, "base64url");
49 return verifySignature(didKey, dataBytes, sigBytes, opts);
50};