@noble/curves 0.2.1 → 0.3.0

package/lib/modular.js

@@ -6,10 +6,6 @@ exports.isNegativeLE = exports.sqrt = exports.legendre = exports.invertBatch = e
 const _0n = BigInt(0);
 const _1n = BigInt(1);
 const _2n = BigInt(2);
-const _3n = BigInt(3);
-const _4n = BigInt(4);
-const _5n = BigInt(5);
-const _8n = BigInt(8);
 // Calculates a modulo b
 function mod(a, b) {
     const result = a % b;
@@ -18,6 +14,7 @@ function mod(a, b) {
 exports.mod = mod;
 /**
  * Efficiently exponentiate num to power and do modular division.
+ * Unsafe in some contexts: uses ladder, so can expose bigint bits.
  * @example
  * powMod(2n, 6n, 11n) // 64n % 11n == 9n
  */
@@ -110,23 +107,30 @@ function invertBatch(nums, modulo) {
     return scratch;
 }
 exports.invertBatch = invertBatch;
-// Calculates Legendre symbol: num^((P-1)/2)
-function legendre(num, fieldPrime) {
-    return pow(num, (fieldPrime - _1n) / _2n, fieldPrime);
+/**
+ * Calculates Legendre symbol (a | p), which denotes the value of a^((p-1)/2) (mod p).
+ * * (a | p) ≡ 1    if a is a square (mod p)
+ * * (a | p) ≡ -1   if a is not a square (mod p)
+ * * (a | p) ≡ 0    if a ≡ 0 (mod p)
+ */
+function legendre(num, P) {
+    return pow(num, (P - _1n) / _2n, P);
 }
 exports.legendre = legendre;
 /**
  * Calculates square root of a number in a finite field.
  */
 function sqrt(number, modulo) {
+    // prettier-ignore
+    const _3n = BigInt(3), _4n = BigInt(4), _5n = BigInt(5), _8n = BigInt(8);
     const n = number;
     const P = modulo;
     const p1div4 = (P + _1n) / _4n;
-    // P = 3 (mod 4)
+    // P ≡ 3 (mod 4)
     // sqrt n = n^((P+1)/4)
     if (P % _4n === _3n)
         return pow(n, p1div4, P);
-    // P = 5 (mod 8)
+    // P ≡ 5 (mod 8)
     if (P % _8n === _5n) {
         const n2 = mod(n * _2n, P);
         const v = pow(n2, (P - _5n) / _8n, P);
@@ -136,6 +140,7 @@ function sqrt(number, modulo) {
         return r;
     }
     // Other cases: Tonelli-Shanks algorithm
+    // Check whether n is square
     if (legendre(n, P) !== _1n)
         throw new Error('Cannot find square root');
     let q, s, z;

package/lib/utils.d.ts

@@ -30,3 +30,7 @@ export declare function nLength(n: bigint, nBitLength?: number): {
 };
 export declare function hashToPrivateScalar(hash: Hex, CURVE_ORDER: bigint, isLE?: boolean): bigint;
 export declare function equalBytes(b1: Uint8Array, b2: Uint8Array): boolean;
+/**
+ * Cryptographically secure PRNG
+ */
+export declare function randomBytes(bytesLength?: number): Uint8Array;

package/lib/utils.js

@@ -1,7 +1,10 @@
 "use strict";
 /*! @noble/curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.equalBytes = exports.hashToPrivateScalar = exports.nLength = exports.concatBytes = exports.ensureBytes = exports.numberToBytesLE = exports.numberToBytesBE = exports.bytesToNumberLE = exports.bytesToNumberBE = exports.hexToBytes = exports.hexToNumber = exports.numberToHexUnpadded = exports.bytesToHex = exports.validateOpts = void 0;
+exports.randomBytes = exports.equalBytes = exports.hashToPrivateScalar = exports.nLength = exports.concatBytes = exports.ensureBytes = exports.numberToBytesLE = exports.numberToBytesBE = exports.bytesToNumberLE = exports.bytesToNumberBE = exports.hexToBytes = exports.hexToNumber = exports.numberToHexUnpadded = exports.bytesToHex = exports.validateOpts = void 0;
+// The import here is via the package name. This is to ensure
+// that exports mapping/resolution does fall into place.
+const crypto_1 = require("@noble/curves/crypto");
 function validateOpts(curve) {
     for (const i of ['P', 'n', 'h', 'Gx', 'Gy']) {
         if (typeof curve[i] !== 'bigint')
@@ -139,3 +142,18 @@ function equalBytes(b1, b2) {
     return true;
 }
 exports.equalBytes = equalBytes;
+/**
+ * Cryptographically secure PRNG
+ */
+function randomBytes(bytesLength = 32) {
+    if (crypto_1.crypto.web) {
+        return crypto_1.crypto.web.getRandomValues(new Uint8Array(bytesLength));
+    }
+    else if (crypto_1.crypto.node) {
+        return new Uint8Array(crypto_1.crypto.node.randomBytes(bytesLength).buffer);
+    }
+    else {
+        throw new Error("The environment doesn't have randomBytes function");
+    }
+}
+exports.randomBytes = randomBytes;

package/lib/weierstrass.d.ts

@@ -1,5 +1,5 @@
 /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
-import { BasicCurve, Hex, PrivKey } from './utils.js';
+import { BasicCurve, Hex, PrivKey, randomBytes as utilRandomBytes } from './utils.js';
 import { Group, GroupConstructor } from './group.js';
 export declare type CHash = {
     (message: Uint8Array | string): Uint8Array;
@@ -23,9 +23,10 @@ export declare type CurveType = BasicCurve & {
     lowS?: boolean;
     hash: CHash;
     hmac: HmacFnSync;
-    randomBytes: (bytesLength?: number) => Uint8Array;
+    randomBytes?: (bytesLength?: number) => Uint8Array;
     truncateHash?: (hash: Uint8Array, truncateOnly?: boolean) => bigint;
     sqrtMod?: (n: bigint) => bigint;
+    normalizePrivateKey?: (key: PrivKey) => PrivKey;
     endo?: EndomorphismOpts;
 };
 declare function validateOpts(curve: CurveType): Readonly<{
@@ -41,9 +42,10 @@ declare function validateOpts(curve: CurveType): Readonly<{
     lowS: boolean;
     readonly hash: CHash;
     readonly hmac: HmacFnSync;
-    readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array;
+    randomBytes: typeof utilRandomBytes;
     readonly truncateHash?: ((hash: Uint8Array, truncateOnly?: boolean | undefined) => bigint) | undefined;
     readonly sqrtMod?: ((n: bigint) => bigint) | undefined;
+    readonly normalizePrivateKey?: ((key: PrivKey) => PrivKey) | undefined;
     readonly endo?: EndomorphismOpts | undefined;
 }>;
 declare type Entropy = Hex | true;

package/lib/weierstrass.js

@@ -16,16 +16,22 @@ const group_js_1 = require("./group.js");
 // Should be separate from overrides, since overrides can use information about curve (for example nBits)
 function validateOpts(curve) {
     const opts = (0, utils_js_1.validateOpts)(curve);
-    if (typeof opts.hash !== 'function' || !Number.isSafeInteger(opts.hash.outputLen))
-        throw new Error('Invalid hash function');
-    if (typeof opts.hmac !== 'function')
-        throw new Error('Invalid hmac function');
-    if (typeof opts.randomBytes !== 'function')
-        throw new Error('Invalid randomBytes function');
     for (const i of ['a', 'b']) {
         if (typeof opts[i] !== 'bigint')
             throw new Error(`Invalid curve param ${i}=${opts[i]} (${typeof opts[i]})`);
     }
+    for (const fn of ['hash', 'hmac']) {
+        if (typeof opts[fn] !== 'function')
+            throw new Error(`Invalid ${fn} function`);
+    }
+    for (const fn of ['randomBytes']) {
+        if (opts[fn] === undefined)
+            continue; // Optional
+        if (typeof opts[fn] !== 'function')
+            throw new Error(`Invalid ${fn} function`);
+    }
+    if (!Number.isSafeInteger(opts.hash.outputLen))
+        throw new Error('Invalid hash function');
     const endo = opts.endo;
     if (endo) {
         if (opts.a !== _0n) {
@@ -38,7 +44,7 @@ function validateOpts(curve) {
         }
     }
     // Set defaults
-    return Object.freeze({ lowS: true, ...opts });
+    return Object.freeze({ lowS: true, randomBytes: utils_js_1.randomBytes, ...opts });
 }
 // TODO: convert bits to bytes aligned to 32 bits? (224 for example)
 // DER encoding utilities
@@ -186,6 +192,9 @@ function weierstrass(curveDef) {
     }
     function normalizePrivateKey(key) {
         let num;
+        if (typeof CURVE.normalizePrivateKey === 'function') {
+            key = CURVE.normalizePrivateKey(key);
+        }
         if (typeof key === 'bigint') {
             num = key;
         }
@@ -193,7 +202,7 @@ function weierstrass(curveDef) {
             num = BigInt(key);
         }
         else if (typeof key === 'string') {
-            key = key.padStart(2 * groupLen, '0'); // Eth-like hexes
+            // key = key.padStart(2 * groupLen, '0'); // Eth-like hexes
             if (key.length !== 2 * groupLen)
                 throw new Error(`Expected ${groupLen} bytes of private key`);
             num = (0, utils_js_1.hexToNumber)(key);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@noble/curves",
-  "version": "0.2.1",
+  "version": "0.3.0",
   "description": "Minimal, zero-dependency JS implementation of elliptic curve cryptography",
   "files": [
     "index.js",
@@ -8,12 +8,12 @@
     "lib/esm"
   ],
   "scripts": {
-    "bench": "node curve-definitions/benchmark/index.js",
+    "bench": "node benchmark/index.js",
     "build": "tsc && tsc -p tsconfig.esm.json",
     "build:release": "rollup -c rollup.config.js",
-    "lint": "prettier --check 'src/**/*.{js,ts}' 'curve-definitions/src/**/*.{js,ts}'",
-    "format": "prettier --write 'src/**/*.{js,ts}' 'curve-definitions/src/**/*.{js,ts}'",
-    "test": "cd curve-definitions; node test/index.test.js"
+    "lint": "prettier --check 'src/**/*.{js,ts}'",
+    "format": "prettier --write 'src/**/*.{js,ts}'",
+    "test": "node test/index.test.js"
   },
   "author": "Paul Miller (https://paulmillr.com)",
   "homepage": "https://paulmillr.com/noble/",
@@ -22,16 +22,32 @@
     "url": "https://github.com/paulmillr/noble-curves.git"
   },
   "license": "MIT",
+  "dependencies": {
+    "@noble/hashes": "1.1.5"
+  },
   "devDependencies": {
     "@rollup/plugin-node-resolve": "13.3.0",
+    "@scure/base": "^1.1.1",
+    "@scure/bip32": "^1.1.1",
+    "@scure/bip39": "^1.1.0",
+    "fast-check": "^3.4.0",
     "micro-bmark": "0.2.0",
-    "micro-should": "0.2.0",
-    "prettier": "2.6.2",
+    "micro-should": "^0.2.0",
+    "prettier": "^2.6.2",
     "rollup": "2.75.5",
     "typescript": "4.7.3"
   },
   "main": "index.js",
   "exports": {
+    "./crypto": {
+      "types": "./lib/crypto.d.ts",
+      "browser": {
+        "import": "./lib/esm/cryptoBrowser.js",
+        "default": "./lib/cryptoBrowser.js"
+      },
+      "import": "./lib/esm/crypto.js",
+      "default": "./lib/crypto.js"
+    },
     "./edwards": {
       "types": "./lib/edwards.d.ts",
       "import": "./lib/esm/edwards.js",
@@ -58,6 +74,10 @@
       "default": "./lib/utils.js"
     }
   },
+  "browser": {
+    "crypto": false,
+    "./crypto": "./cryptoBrowser.js"
+  },
   "keywords": [
     "elliptic",
     "curve",
@@ -84,4 +104,4 @@
       "url": "https://paulmillr.com/funding/"
     }
   ]
-}
+}