Cryptography utilities #10

Closed
opened 2026-03-03 17:52:18 +00:00 by Grandiras · 0 comments
Owner

Cryptography Utilities

Add a general-purpose AtProtoCrypto static class for AT Protocol cryptographic operations.

Features

  • Key generation: K-256 (secp256k1) and P-256 (NIST) key pairs
  • Signing: Sign data with private keys (both curves)
  • Verification: Verify signatures against public keys
  • Key serialization: Import/export keys in formats used by AT Protocol (multibase, did:key)
  • Multicodec support: Encode/decode public keys with proper multicodec prefixes

Context

The SDK currently only has crypto for DPoP proof generation (ES256/P-256 in DPoPProofGenerator) and PKCE (SHA-256 in PkceGenerator). A general-purpose crypto API is needed for:

  • Verifying repository commit signatures
  • Verifying label signatures
  • Working with did:key identifiers
  • Service auth JWT signing

Reference

## Cryptography Utilities Add a general-purpose `AtProtoCrypto` static class for AT Protocol cryptographic operations. ### Features - **Key generation**: K-256 (secp256k1) and P-256 (NIST) key pairs - **Signing**: Sign data with private keys (both curves) - **Verification**: Verify signatures against public keys - **Key serialization**: Import/export keys in formats used by AT Protocol (multibase, did:key) - **Multicodec support**: Encode/decode public keys with proper multicodec prefixes ### Context The SDK currently only has crypto for DPoP proof generation (ES256/P-256 in `DPoPProofGenerator`) and PKCE (SHA-256 in `PkceGenerator`). A general-purpose crypto API is needed for: - Verifying repository commit signatures - Verifying label signatures - Working with did:key identifiers - Service auth JWT signing ### Reference - [AT Protocol Cryptography spec](https://atproto.com/specs/cryptography)
Sign in to join this conversation.
No description provided.