@noble/curves 0.5.2 → 0.6.0
- package/README.md +49 -5
- package/lib/_shortw_utils.d.ts +10 -21
- package/lib/abstract/bls.d.ts +39 -32
- package/lib/abstract/bls.js +74 -73
- package/lib/abstract/{group.d.ts → curve.d.ts} +31 -1
- package/lib/abstract/{group.js → curve.js} +39 -2
- package/lib/abstract/edwards.d.ts +30 -72
- package/lib/abstract/edwards.js +197 -375
- package/lib/abstract/hash-to-curve.d.ts +25 -6
- package/lib/abstract/hash-to-curve.js +40 -12
- package/lib/abstract/modular.d.ts +20 -7
- package/lib/abstract/modular.js +61 -35
- package/lib/abstract/montgomery.js +4 -5
- package/lib/abstract/poseidon.d.ts +29 -0
- package/lib/abstract/poseidon.js +115 -0
- package/lib/abstract/utils.d.ts +5 -36
- package/lib/abstract/utils.js +23 -71
- package/lib/abstract/weierstrass.d.ts +51 -74
- package/lib/abstract/weierstrass.js +455 -628
- package/lib/bls12-381.js +63 -58
- package/lib/bn.js +1 -1
- package/lib/ed25519.d.ts +7 -5
- package/lib/ed25519.js +82 -79
- package/lib/ed448.d.ts +3 -0
- package/lib/ed448.js +86 -83
- package/lib/esm/abstract/bls.js +75 -74
- package/lib/esm/abstract/{group.js → curve.js} +37 -1
- package/lib/esm/abstract/edwards.js +196 -374
- package/lib/esm/abstract/hash-to-curve.js +38 -11
- package/lib/esm/abstract/modular.js +58 -34
- package/lib/esm/abstract/montgomery.js +5 -6
- package/lib/esm/abstract/poseidon.js +109 -0
- package/lib/esm/abstract/utils.js +21 -66
- package/lib/esm/abstract/weierstrass.js +454 -627
- package/lib/esm/bls12-381.js +75 -70
- package/lib/esm/bn.js +1 -1
- package/lib/esm/ed25519.js +80 -78
- package/lib/esm/ed448.js +84 -82
- package/lib/esm/jubjub.js +1 -1
- package/lib/esm/p256.js +11 -9
- package/lib/esm/p384.js +11 -9
- package/lib/esm/p521.js +13 -12
- package/lib/esm/secp256k1.js +115 -151
- package/lib/esm/stark.js +104 -40
- package/lib/jubjub.d.ts +2 -2
- package/lib/jubjub.js +1 -1
- package/lib/p192.d.ts +20 -42
- package/lib/p224.d.ts +20 -42
- package/lib/p256.d.ts +23 -42
- package/lib/p256.js +13 -10
- package/lib/p384.d.ts +23 -42
- package/lib/p384.js +13 -10
- package/lib/p521.d.ts +23 -42
- package/lib/p521.js +15 -13
- package/lib/secp256k1.d.ts +25 -37
- package/lib/secp256k1.js +115 -151
- package/lib/stark.d.ts +36 -19
- package/lib/stark.js +107 -40
- package/package.json +13 -8
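--- a/package/lib/p384.d.ts
+++ b/package/lib/p384.d.ts
@@ -1,3 +1,4 @@
+import * as htf from './abstract/hash-to-curve.js';
 export declare const P384: Readonly<{
 create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn;
 CURVE: Readonly<{
@@ -23,37 +24,26 @@ export declare const P384: Readonly<{
 k2: bigint;
 };
 } | undefined;
-readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").
-readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").
-readonly htfDefaults?: import("./abstract/hash-to-curve.js").htfOpts | undefined;
-readonly mapToCurve?: ((scalar: bigint[]) => {
-x: bigint;
-y: bigint;
-}) | undefined;
+readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: import("./abstract/weierstrass.js").ProjPointType<bigint>) => boolean) | undefined;
+readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: import("./abstract/weierstrass.js").ProjPointType<bigint>) => import("./abstract/weierstrass.js").ProjPointType<bigint>) | undefined;
 lowS: boolean;
 readonly hash: import("./abstract/utils.js").CHash;
 readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array;
 readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array;
-readonly
+readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined;
+readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
 }>;
 getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array;
-getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/
+getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array;
 sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").SignatureType;
-
-
-
-} | undefined) => boolean;
-
-ProjectivePoint: import("./abstract/weierstrass.js").ProjectiveConstructor<bigint>;
+verify: (signature: import("./abstract/utils.js").Hex | {
+r: bigint;
+s: bigint;
+}, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean;
+ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
 Signature: import("./abstract/weierstrass.js").SignatureConstructor;
 utils: {
-_bigintToBytes: (num: bigint) => Uint8Array;
-_bigintToString: (num: bigint) => string;
 _normalizePrivateKey: (key: import("./abstract/utils.js").PrivKey) => bigint;
-_normalizePublicKey: (publicKey: import("./abstract/weierstrass.js").PubKey) => import("./abstract/weierstrass.js").PointType<bigint>;
-_isWithinCurveOrder: (num: bigint) => boolean;
-_isValidFieldElement: (num: bigint) => boolean;
-_weierstrassEquation: (x: bigint) => bigint;
 isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
 hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
 randomPrivateKey: () => Uint8Array;
@@ -84,39 +74,30 @@ export declare const secp384r1: Readonly<{
 k2: bigint;
 };
 } | undefined;
-readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").
-readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").
-readonly htfDefaults?: import("./abstract/hash-to-curve.js").htfOpts | undefined;
-readonly mapToCurve?: ((scalar: bigint[]) => {
-x: bigint;
-y: bigint;
-}) | undefined;
+readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: import("./abstract/weierstrass.js").ProjPointType<bigint>) => boolean) | undefined;
+readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: import("./abstract/weierstrass.js").ProjPointType<bigint>) => import("./abstract/weierstrass.js").ProjPointType<bigint>) | undefined;
 lowS: boolean;
 readonly hash: import("./abstract/utils.js").CHash;
 readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array;
 readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array;
-readonly
+readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined;
+readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
 }>;
 getPublicKey: (privateKey: import("./abstract/utils.js").PrivKey, isCompressed?: boolean | undefined) => Uint8Array;
-getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/
+getSharedSecret: (privateA: import("./abstract/utils.js").PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array;
 sign: (msgHash: import("./abstract/utils.js").Hex, privKey: import("./abstract/utils.js").PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").SignatureType;
-
-
-
-} | undefined) => boolean;
-
-ProjectivePoint: import("./abstract/weierstrass.js").ProjectiveConstructor<bigint>;
+verify: (signature: import("./abstract/utils.js").Hex | {
+r: bigint;
+s: bigint;
+}, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean;
+ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
 Signature: import("./abstract/weierstrass.js").SignatureConstructor;
 utils: {
-_bigintToBytes: (num: bigint) => Uint8Array;
-_bigintToString: (num: bigint) => string;
 _normalizePrivateKey: (key: import("./abstract/utils.js").PrivKey) => bigint;
-_normalizePublicKey: (publicKey: import("./abstract/weierstrass.js").PubKey) => import("./abstract/weierstrass.js").PointType<bigint>;
-_isWithinCurveOrder: (num: bigint) => boolean;
-_isValidFieldElement: (num: bigint) => boolean;
-_weierstrassEquation: (x: bigint) => bigint;
 isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
 hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
 randomPrivateKey: () => Uint8Array;
 };
 }>;
+declare const hashToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>, encodeToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>;
+export { hashToCurve, encodeToCurve };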
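--- a/package/lib/p384.js
+++ b/package/lib/p384.js
@@ -1,11 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.secp384r1 = exports.P384 = void 0;
+exports.encodeToCurve = exports.hashToCurve = exports.secp384r1 = exports.P384 = void 0;
 /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
 const _shortw_utils_js_1 = require("./_shortw_utils.js");
 const sha512_1 = require("@noble/hashes/sha512");
 const modular_js_1 = require("./abstract/modular.js");
 const weierstrass_js_1 = require("./abstract/weierstrass.js");
+const htf = require("./abstract/hash-to-curve.js");
 // NIST secp384r1 aka P384
 // https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-384
 // Field over which we'll do calculations. 2n**384n - 2n**128n - 2n**96n + 2n**32n - 1n
@@ -34,14 +35,16 @@ exports.P384 = (0, _shortw_utils_js_1.createCurve)({
 Gy: BigInt('0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f'),
 h: BigInt(1),
 lowS: false,
-mapToCurve: (scalars) => mapSWU(scalars[0]),
-htfDefaults: {
-DST: 'P384_XMD:SHA-384_SSWU_RO_',
-p: Fp.ORDER,
-m: 1,
-k: 192,
-expand: 'xmd',
-hash: sha512_1.sha384,
-},
 }, sha512_1.sha384);
 exports.secp384r1 = exports.P384;
+const { hashToCurve, encodeToCurve } = htf.hashToCurve(exports.secp384r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), {
+DST: 'P384_XMD:SHA-384_SSWU_RO_',
+encodeDST: 'P384_XMD:SHA-384_SSWU_NU_',
+p: Fp.ORDER,
+m: 1,
+k: 192,
+expand: 'xmd',
+hash: sha512_1.sha384,
+});
+exports.hashToCurve = hashToCurve;
+exports.encodeToCurve = encodeToCurve;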
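Review bot: The default `DST` and `encodeDST` passed to `htf.hashToCurve` at the end of this file are the bare suite identifiers (`'P384_XMD:SHA-384_SSWU_RO_'` and `'P384_XMD:SHA-384_SSWU_NU_'`), so any two protocols that call the exported `hashToCurve` / `encodeToCurve` with the defaults hash into the same domain. The hash-to-curve specification expects the tag to identify the application; the declaration file suggests callers can supply their own through `options`, but nothing at this call site says they should. I would add a comment above the call such as `// Defaults are the bare suite IDs: pass an application-specific DST in options for domain separation.` The same applies to the matching block at the end of package/lib/p521.js. `mapSWU` and `Fp` are defined outside the visible hunks, so the mapping itself is not reviewed here.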
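--- a/package/lib/p521.d.ts
+++ b/package/lib/p521.d.ts
@@ -1,4 +1,5 @@
 import { PrivKey } from './abstract/utils.js';
+import * as htf from './abstract/hash-to-curve.js';
 export declare const P521: Readonly<{
 create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn;
 CURVE: Readonly<{
@@ -24,37 +25,26 @@ export declare const P521: Readonly<{
 k2: bigint;
 };
 } | undefined;
-readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").
-readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").
-readonly htfDefaults?: import("./abstract/hash-to-curve.js").htfOpts | undefined;
-readonly mapToCurve?: ((scalar: bigint[]) => {
-x: bigint;
-y: bigint;
-}) | undefined;
+readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: import("./abstract/weierstrass.js").ProjPointType<bigint>) => boolean) | undefined;
+readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: import("./abstract/weierstrass.js").ProjPointType<bigint>) => import("./abstract/weierstrass.js").ProjPointType<bigint>) | undefined;
 lowS: boolean;
 readonly hash: import("./abstract/utils.js").CHash;
 readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array;
 readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array;
-readonly
+readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined;
+readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
 }>;
 getPublicKey: (privateKey: PrivKey, isCompressed?: boolean | undefined) => Uint8Array;
-getSharedSecret: (privateA: PrivKey, publicB: import("./abstract/
+getSharedSecret: (privateA: PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array;
 sign: (msgHash: import("./abstract/utils.js").Hex, privKey: PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").SignatureType;
-
-
-
-} | undefined) => boolean;
-
-ProjectivePoint: import("./abstract/weierstrass.js").ProjectiveConstructor<bigint>;
+verify: (signature: import("./abstract/utils.js").Hex | {
+r: bigint;
+s: bigint;
+}, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean;
+ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
 Signature: import("./abstract/weierstrass.js").SignatureConstructor;
 utils: {
-_bigintToBytes: (num: bigint) => Uint8Array;
-_bigintToString: (num: bigint) => string;
 _normalizePrivateKey: (key: PrivKey) => bigint;
-_normalizePublicKey: (publicKey: import("./abstract/weierstrass.js").PubKey) => import("./abstract/weierstrass.js").PointType<bigint>;
-_isWithinCurveOrder: (num: bigint) => boolean;
-_isValidFieldElement: (num: bigint) => boolean;
-_weierstrassEquation: (x: bigint) => bigint;
 isValidPrivateKey(privateKey: PrivKey): boolean;
 hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
 randomPrivateKey: () => Uint8Array;
@@ -85,39 +75,30 @@ export declare const secp521r1: Readonly<{
 k2: bigint;
 };
 } | undefined;
-readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").
-readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").
-readonly htfDefaults?: import("./abstract/hash-to-curve.js").htfOpts | undefined;
-readonly mapToCurve?: ((scalar: bigint[]) => {
-x: bigint;
-y: bigint;
-}) | undefined;
+readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: import("./abstract/weierstrass.js").ProjPointType<bigint>) => boolean) | undefined;
+readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: import("./abstract/weierstrass.js").ProjPointType<bigint>) => import("./abstract/weierstrass.js").ProjPointType<bigint>) | undefined;
 lowS: boolean;
 readonly hash: import("./abstract/utils.js").CHash;
 readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array;
 readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array;
-readonly
+readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined;
+readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
 }>;
 getPublicKey: (privateKey: PrivKey, isCompressed?: boolean | undefined) => Uint8Array;
-getSharedSecret: (privateA: PrivKey, publicB: import("./abstract/
+getSharedSecret: (privateA: PrivKey, publicB: import("./abstract/utils.js").Hex, isCompressed?: boolean | undefined) => Uint8Array;
 sign: (msgHash: import("./abstract/utils.js").Hex, privKey: PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").SignatureType;
-
-
-
-} | undefined) => boolean;
-
-ProjectivePoint: import("./abstract/weierstrass.js").ProjectiveConstructor<bigint>;
+verify: (signature: import("./abstract/utils.js").Hex | {
+r: bigint;
+s: bigint;
+}, msgHash: import("./abstract/utils.js").Hex, publicKey: import("./abstract/utils.js").Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean;
+ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
 Signature: import("./abstract/weierstrass.js").SignatureConstructor;
 utils: {
-_bigintToBytes: (num: bigint) => Uint8Array;
-_bigintToString: (num: bigint) => string;
 _normalizePrivateKey: (key: PrivKey) => bigint;
-_normalizePublicKey: (publicKey: import("./abstract/weierstrass.js").PubKey) => import("./abstract/weierstrass.js").PointType<bigint>;
-_isWithinCurveOrder: (num: bigint) => boolean;
-_isValidFieldElement: (num: bigint) => boolean;
-_weierstrassEquation: (x: bigint) => bigint;
 isValidPrivateKey(privateKey: PrivKey): boolean;
 hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
 randomPrivateKey: () => Uint8Array;
 };
 }>;
+declare const hashToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>, encodeToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>;
+export { hashToCurve, encodeToCurve };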
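--- a/package/lib/p521.js
+++ b/package/lib/p521.js
@@ -1,12 +1,13 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.secp521r1 = exports.P521 = void 0;
+exports.encodeToCurve = exports.hashToCurve = exports.secp521r1 = exports.P521 = void 0;
 /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
 const _shortw_utils_js_1 = require("./_shortw_utils.js");
 const sha512_1 = require("@noble/hashes/sha512");
 const utils_js_1 = require("./abstract/utils.js");
 const modular_js_1 = require("./abstract/modular.js");
 const weierstrass_js_1 = require("./abstract/weierstrass.js");
+const htf = require("./abstract/hash-to-curve.js");
 // NIST secp521r1 aka P521
 // Note that it's 521, which differs from 512 of its hash function.
 // https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-521
@@ -35,8 +36,7 @@ exports.P521 = (0, _shortw_utils_js_1.createCurve)({
 Gy: BigInt('0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650'),
 h: BigInt(1),
 lowS: false,
-// P521 keys could be 130, 131, 132 bytes
-// We ensure all keys are 132 bytes.
+// P521 keys could be 130, 131, 132 bytes. We normalize to 132 bytes.
 // Does not replace validation; invalid keys would still be rejected.
 normalizePrivateKey(key) {
 if (typeof key === 'bigint')
@@ -46,16 +46,18 @@ exports.P521 = (0, _shortw_utils_js_1.createCurve)({
 if (typeof key !== 'string' || !([130, 131, 132].includes(key.length))) {
 throw new Error('Invalid key');
 }
-return key.padStart(66 * 2, '0');
-},
-mapToCurve: (scalars) => mapSWU(scalars[0]),
-htfDefaults: {
-DST: 'P521_XMD:SHA-512_SSWU_RO_',
-p: Fp.ORDER,
-m: 1,
-k: 256,
-expand: 'xmd',
-hash: sha512_1.sha512,
+return key.padStart(66 * 2, '0'); // ensure it's always 132 bytes
 },
 }, sha512_1.sha512);
 exports.secp521r1 = exports.P521;
+const { hashToCurve, encodeToCurve } = htf.hashToCurve(exports.secp521r1.ProjectivePoint, (scalars) => mapSWU(scalars[0]), {
+DST: 'P521_XMD:SHA-512_SSWU_RO_',
+encodeDST: 'P521_XMD:SHA-512_SSWU_NU_',
+p: Fp.ORDER,
+m: 1,
+k: 256,
+expand: 'xmd',
+hash: sha512_1.sha512,
+});
+exports.hashToCurve = hashToCurve;
+exports.encodeToCurve = encodeToCurve;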
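Review bot: The rewritten comments in `normalizePrivateKey` state the key size in the wrong unit. The length check runs on a string (presumably hex) and `key.padStart(66 * 2, '0')` pads it to 132 characters, which is 66 bytes rather than 132 bytes. I would reword them to `// P521 hex keys can be 130, 131 or 132 characters. We normalize to 132 characters (66 bytes).` and `// ensure it's always 132 hex characters`. The unit matters to anyone who sizes a buffer or writes a length check from this comment. The statements between the bigint check and the string check fall between the two hunks and are not visible here.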
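--- a/package/lib/secp256k1.d.ts
+++ b/package/lib/secp256k1.d.ts
@@ -1,5 +1,6 @@
-import { PointType } from './abstract/weierstrass.js';
-import { Hex, PrivKey } from './abstract/utils.js';
+import { ProjPointType as PointType } from './abstract/weierstrass.js';
+import { Hex, bytesToNumberBE as bytesToNum, PrivKey } from './abstract/utils.js';
+import * as htf from './abstract/hash-to-curve.js';
 export declare const secp256k1: Readonly<{
 create: (hash: import("./abstract/utils.js").CHash) => import("./abstract/weierstrass.js").CurveFn;
 CURVE: Readonly<{
@@ -25,52 +26,34 @@ export declare const secp256k1: Readonly<{
 k2: bigint;
 };
 } | undefined;
-readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").
-readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").
-readonly htfDefaults?: import("./abstract/hash-to-curve.js").htfOpts | undefined;
-readonly mapToCurve?: ((scalar: bigint[]) => {
-x: bigint;
-y: bigint;
-}) | undefined;
+readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: PointType<bigint>) => boolean) | undefined;
+readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: PointType<bigint>) => PointType<bigint>) | undefined;
 lowS: boolean;
 readonly hash: import("./abstract/utils.js").CHash;
 readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array;
 readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array;
-readonly
+readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined;
+readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
 }>;
 getPublicKey: (privateKey: PrivKey, isCompressed?: boolean | undefined) => Uint8Array;
-getSharedSecret: (privateA: PrivKey, publicB:
+getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean | undefined) => Uint8Array;
 sign: (msgHash: Hex, privKey: PrivKey, opts?: import("./abstract/weierstrass.js").SignOpts | undefined) => import("./abstract/weierstrass.js").SignatureType;
-
-
-
-} | undefined) => boolean;
-
-ProjectivePoint: import("./abstract/weierstrass.js").ProjectiveConstructor<bigint>;
+verify: (signature: Hex | {
+r: bigint;
+s: bigint;
+}, msgHash: Hex, publicKey: Hex, opts?: import("./abstract/weierstrass.js").VerOpts | undefined) => boolean;
+ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
 Signature: import("./abstract/weierstrass.js").SignatureConstructor;
 utils: {
-_bigintToBytes: (num: bigint) => Uint8Array;
-_bigintToString: (num: bigint) => string;
 _normalizePrivateKey: (key: PrivKey) => bigint;
-_normalizePublicKey: (publicKey: import("./abstract/weierstrass.js").PubKey) => PointType<bigint>;
-_isWithinCurveOrder: (num: bigint) => boolean;
-_isValidFieldElement: (num: bigint) => boolean;
-_weierstrassEquation: (x: bigint) => bigint;
 isValidPrivateKey(privateKey: PrivKey): boolean;
 hashToPrivateKey: (hash: Hex) => Uint8Array;
 randomPrivateKey: () => Uint8Array;
 };
 }>;
-
-declare
-
-readonly s: bigint;
-constructor(r: bigint, s: bigint);
-static fromHex(hex: Hex): SchnorrSignature;
-assertValidity(): void;
-toHex(): string;
-toRawBytes(): Uint8Array;
-}
+declare function taggedHash(tag: string, ...messages: Uint8Array[]): Uint8Array;
+declare function lift_x(x: bigint): PointType<bigint>;
+declare function schnorrGetPublicKey(privateKey: PrivKey): Uint8Array;
 /**
 * Synchronously creates Schnorr signature. Improved security: verifies itself before
 * producing an output.
@@ -78,15 +61,20 @@ declare class SchnorrSignature {
 * @param privateKey private key
 * @param auxRand random bytes that would be added to k. Bad RNG won't break it.
 */
-declare function schnorrSign(message: Hex, privateKey:
+declare function schnorrSign(message: Hex, privateKey: Hex, auxRand?: Hex): Uint8Array;
 /**
 * Verifies Schnorr signature synchronously.
 */
 declare function schnorrVerify(signature: Hex, message: Hex, publicKey: Hex): boolean;
 export declare const schnorr: {
-
-getPublicKey: (privateKey: PrivKey) => Uint8Array;
+getPublicKey: typeof schnorrGetPublicKey;
 sign: typeof schnorrSign;
 verify: typeof schnorrVerify;
+utils: {
+lift_x: typeof lift_x;
+int: typeof bytesToNum;
+taggedHash: typeof taggedHash;
+};
 };
-
+declare const hashToCurve: (msg: Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>, encodeToCurve: (msg: Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>;
+export { hashToCurve, encodeToCurve };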