@noble/curves 0.6.3 → 0.6.4
- package/lib/_shortw_utils.d.ts +2 -1
- package/lib/abstract/weierstrass.d.ts +2 -1
- package/lib/abstract/weierstrass.js +10 -2
- package/lib/esm/abstract/weierstrass.js +10 -2
- package/lib/p192.d.ts +4 -2
- package/lib/p224.d.ts +4 -2
- package/lib/p256.d.ts +4 -2
- package/lib/p384.d.ts +4 -2
- package/lib/p521.d.ts +4 -2
- package/lib/secp256k1.d.ts +2 -1
- package/lib/stark.d.ts +2 -1
- package/package.json +1 -1
package/lib/_shortw_utils.d.ts
CHANGED
|
@@ -51,10 +51,11 @@ export declare function createCurve(curveDef: CurveDef, defHash: CHash): Readonl
|
|
|
51
51
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
52
52
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
53
53
|
utils: {
|
|
54
|
-
|
|
54
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
55
55
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
56
56
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
57
57
|
randomPrivateKey: () => Uint8Array;
|
|
58
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
58
59
|
};
|
|
59
60
|
}>;
|
|
60
61
|
export {};
|
|
@@ -158,10 +158,11 @@ export declare type CurveFn = {
|
|
|
158
158
|
ProjectivePoint: ProjConstructor<bigint>;
|
|
159
159
|
Signature: SignatureConstructor;
|
|
160
160
|
utils: {
|
|
161
|
-
|
|
161
|
+
normPrivateKeyToScalar: (key: PrivKey) => bigint;
|
|
162
162
|
isValidPrivateKey(privateKey: PrivKey): boolean;
|
|
163
163
|
hashToPrivateKey: (hash: Hex) => Uint8Array;
|
|
164
164
|
randomPrivateKey: () => Uint8Array;
|
|
165
|
+
precompute: (windowSize?: number, point?: ProjPointType<bigint>) => ProjPointType<bigint>;
|
|
165
166
|
};
|
|
166
167
|
};
|
|
167
168
|
export declare function weierstrass(curveDef: CurveType): CurveFn;
|
|
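Review bot: `normPrivateKeyToScalar` is added to the public `utils` type of `CurveFn` with no doc comment, although its signature `(key: PrivKey) => bigint` hands the private key back as a raw scalar. I would add a TSDoc line on the source declaration, for example `/** Converts a private key in any accepted PrivKey form to its scalar; the result is secret key material. */`. The same hunk replaces an existing `utils` member at old line 161 whose text did not survive on this page, so code written against 0.6.3 that used that member may break on this patch-level bump, and the changelog should say so. The identical declaration change repeats in `_shortw_utils.d.ts` and the per-curve `.d.ts` files, and `CurveFn` starts before this hunk.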
@@ -708,7 +708,7 @@ function weierstrass(curveDef) {
|
|
|
708
708
|
return false;
|
|
709
709
|
}
|
|
710
710
|
},
|
|
711
|
-
|
|
711
|
+
normPrivateKeyToScalar: normalizePrivateKey,
|
|
712
712
|
/**
|
|
713
713
|
* Converts some bytes to a valid private key. Needs at least (nBitLength+64) bytes.
|
|
714
714
|
*/
|
|
@@ -842,7 +842,15 @@ function weierstrass(curveDef) {
|
|
|
842
842
|
const r = modN(q.x); // r = q.x mod n
|
|
843
843
|
if (r === _0n)
|
|
844
844
|
return;
|
|
845
|
-
|
|
845
|
+
// X blinding according to https://tches.iacr.org/index.php/TCHES/article/view/7337/6509
|
|
846
|
+
// b * m + b * r * d ∈ [0,q−1] exposed via side-channel, but d (private scalar) is not.
|
|
847
|
+
// NOTE: there is still probable some leak in multiplication, since it is not constant-time
|
|
848
|
+
const b = ut.bytesToNumberBE(utils.randomPrivateKey()); // random scalar, b ∈ [1,q−1]
|
|
849
|
+
const bi = invN(b); // b^-1
|
|
850
|
+
const bdr = modN(b * d * r); // b * d * r
|
|
851
|
+
const bm = modN(b * m); // b * m
|
|
852
|
+
const mrx = modN(bi * modN(bdr + bm)); // b^-1(bm + bdr) -> m + rd
|
|
853
|
+
const s = modN(ik * mrx); // s = k^-1(m + rd) mod n
|
|
846
854
|
if (s === _0n)
|
|
847
855
|
return;
|
|
848
856
|
let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n); // recovery bit (2 or 3, when q.x > n)
|
|
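Review bot: In the blinding lines added after the `r === _0n` check, `modN(b * d * r)` keeps `d` masked only because JavaScript evaluates the product left to right, so `b * d` is formed before `r` is multiplied in; nothing in the code pins that order. I would make it explicit, e.g. `const bdr = modN(modN(b * d) * r); // multiply d by the blind first, never d * r`, so a later reordering cannot reintroduce an unblinded `d * r`. The hunk also makes every signing attempt call `utils.randomPrivateKey()`, so signing now appears to depend on a working random source at call time even though `b` cancels out of `s`; that dependency and its failure mode deserve a line in the comment. The enclosing function starts and ends outside the hunk, and the same change appears in the `@@ -838` hunk of the ESM build that follows.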
@@ -704,7 +704,7 @@ export function weierstrass(curveDef) {
|
|
|
704
704
|
return false;
|
|
705
705
|
}
|
|
706
706
|
},
|
|
707
|
-
|
|
707
|
+
normPrivateKeyToScalar: normalizePrivateKey,
|
|
708
708
|
/**
|
|
709
709
|
* Converts some bytes to a valid private key. Needs at least (nBitLength+64) bytes.
|
|
710
710
|
*/
|
|
@@ -838,7 +838,15 @@ export function weierstrass(curveDef) {
|
|
|
838
838
|
const r = modN(q.x); // r = q.x mod n
|
|
839
839
|
if (r === _0n)
|
|
840
840
|
return;
|
|
841
|
-
|
|
841
|
+
// X blinding according to https://tches.iacr.org/index.php/TCHES/article/view/7337/6509
|
|
842
|
+
// b * m + b * r * d ∈ [0,q−1] exposed via side-channel, but d (private scalar) is not.
|
|
843
|
+
// NOTE: there is still probable some leak in multiplication, since it is not constant-time
|
|
844
|
+
const b = ut.bytesToNumberBE(utils.randomPrivateKey()); // random scalar, b ∈ [1,q−1]
|
|
845
|
+
const bi = invN(b); // b^-1
|
|
846
|
+
const bdr = modN(b * d * r); // b * d * r
|
|
847
|
+
const bm = modN(b * m); // b * m
|
|
848
|
+
const mrx = modN(bi * modN(bdr + bm)); // b^-1(bm + bdr) -> m + rd
|
|
849
|
+
const s = modN(ik * mrx); // s = k^-1(m + rd) mod n
|
|
842
850
|
if (s === _0n)
|
|
843
851
|
return;
|
|
844
852
|
let recovery = (q.x === r ? 0 : 2) | Number(q.y & _1n); // recovery bit (2 or 3, when q.x > n)
|
package/lib/p192.d.ts
CHANGED
|
@@ -42,10 +42,11 @@ export declare const P192: Readonly<{
|
|
|
42
42
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
43
43
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
44
44
|
utils: {
|
|
45
|
-
|
|
45
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
46
46
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
47
47
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
48
48
|
randomPrivateKey: () => Uint8Array;
|
|
49
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
49
50
|
};
|
|
50
51
|
}>;
|
|
51
52
|
export declare const secp192r1: Readonly<{
|
|
@@ -92,9 +93,10 @@ export declare const secp192r1: Readonly<{
|
|
|
92
93
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
93
94
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
94
95
|
utils: {
|
|
95
|
-
|
|
96
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
96
97
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
97
98
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
98
99
|
randomPrivateKey: () => Uint8Array;
|
|
100
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
99
101
|
};
|
|
100
102
|
}>;
|
package/lib/p224.d.ts
CHANGED
|
@@ -42,10 +42,11 @@ export declare const P224: Readonly<{
|
|
|
42
42
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
43
43
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
44
44
|
utils: {
|
|
45
|
-
|
|
45
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
46
46
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
47
47
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
48
48
|
randomPrivateKey: () => Uint8Array;
|
|
49
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
49
50
|
};
|
|
50
51
|
}>;
|
|
51
52
|
export declare const secp224r1: Readonly<{
|
|
@@ -92,9 +93,10 @@ export declare const secp224r1: Readonly<{
|
|
|
92
93
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
93
94
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
94
95
|
utils: {
|
|
95
|
-
|
|
96
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
96
97
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
97
98
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
98
99
|
randomPrivateKey: () => Uint8Array;
|
|
100
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
99
101
|
};
|
|
100
102
|
}>;
|
package/lib/p256.d.ts
CHANGED
|
@@ -43,10 +43,11 @@ export declare const P256: Readonly<{
|
|
|
43
43
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
44
44
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
45
45
|
utils: {
|
|
46
|
-
|
|
46
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
47
47
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
48
48
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
49
49
|
randomPrivateKey: () => Uint8Array;
|
|
50
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
50
51
|
};
|
|
51
52
|
}>;
|
|
52
53
|
export declare const secp256r1: Readonly<{
|
|
@@ -93,10 +94,11 @@ export declare const secp256r1: Readonly<{
|
|
|
93
94
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
94
95
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
95
96
|
utils: {
|
|
96
|
-
|
|
97
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
97
98
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
98
99
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
99
100
|
randomPrivateKey: () => Uint8Array;
|
|
101
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
100
102
|
};
|
|
101
103
|
}>;
|
|
102
104
|
declare const hashToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>, encodeToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>;
|
package/lib/p384.d.ts
CHANGED
|
@@ -43,10 +43,11 @@ export declare const P384: Readonly<{
|
|
|
43
43
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
44
44
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
45
45
|
utils: {
|
|
46
|
-
|
|
46
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
47
47
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
48
48
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
49
49
|
randomPrivateKey: () => Uint8Array;
|
|
50
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
50
51
|
};
|
|
51
52
|
}>;
|
|
52
53
|
export declare const secp384r1: Readonly<{
|
|
@@ -93,10 +94,11 @@ export declare const secp384r1: Readonly<{
|
|
|
93
94
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
94
95
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
95
96
|
utils: {
|
|
96
|
-
|
|
97
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
97
98
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
98
99
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
99
100
|
randomPrivateKey: () => Uint8Array;
|
|
101
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
100
102
|
};
|
|
101
103
|
}>;
|
|
102
104
|
declare const hashToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>, encodeToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>;
|
package/lib/p521.d.ts
CHANGED
|
@@ -43,10 +43,11 @@ export declare const P521: Readonly<{
|
|
|
43
43
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
44
44
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
45
45
|
utils: {
|
|
46
|
-
|
|
46
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
47
47
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
48
48
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
49
49
|
randomPrivateKey: () => Uint8Array;
|
|
50
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
50
51
|
};
|
|
51
52
|
}>;
|
|
52
53
|
export declare const secp521r1: Readonly<{
|
|
@@ -93,10 +94,11 @@ export declare const secp521r1: Readonly<{
|
|
|
93
94
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
94
95
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
95
96
|
utils: {
|
|
96
|
-
|
|
97
|
+
normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
|
|
97
98
|
isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
|
|
98
99
|
hashToPrivateKey: (hash: import("./abstract/utils.js").Hex) => Uint8Array;
|
|
99
100
|
randomPrivateKey: () => Uint8Array;
|
|
101
|
+
precompute: (windowSize?: number | undefined, point?: import("./abstract/weierstrass.js").ProjPointType<bigint> | undefined) => import("./abstract/weierstrass.js").ProjPointType<bigint>;
|
|
100
102
|
};
|
|
101
103
|
}>;
|
|
102
104
|
declare const hashToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>, encodeToCurve: (msg: import("./abstract/utils.js").Hex, options?: htf.htfBasicOpts | undefined) => htf.H2CPoint<bigint>;
|
package/lib/secp256k1.d.ts
CHANGED
|
@@ -46,10 +46,11 @@ export declare const secp256k1: Readonly<{
|
|
|
46
46
|
ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>;
|
|
47
47
|
Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
48
48
|
utils: {
|
|
49
|
-
|
|
49
|
+
normPrivateKeyToScalar: (key: PrivKey) => bigint;
|
|
50
50
|
isValidPrivateKey(privateKey: PrivKey): boolean;
|
|
51
51
|
hashToPrivateKey: (hash: Hex) => Uint8Array;
|
|
52
52
|
randomPrivateKey: () => Uint8Array;
|
|
53
|
+
precompute: (windowSize?: number | undefined, point?: PointType<bigint> | undefined) => PointType<bigint>;
|
|
53
54
|
};
|
|
54
55
|
}>;
|
|
55
56
|
declare function taggedHash(tag: string, ...messages: Uint8Array[]): Uint8Array;
|
package/lib/stark.d.ts
CHANGED
|
@@ -40,10 +40,11 @@ declare const CURVE: Readonly<{
|
|
|
40
40
|
readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
|
|
41
41
|
}>, ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>, Signature: import("./abstract/weierstrass.js").SignatureConstructor;
|
|
42
42
|
export declare const utils: {
|
|
43
|
-
|
|
43
|
+
normPrivateKeyToScalar: (key: cutils.PrivKey) => bigint;
|
|
44
44
|
isValidPrivateKey(privateKey: cutils.PrivKey): boolean;
|
|
45
45
|
hashToPrivateKey: (hash: cutils.Hex) => Uint8Array;
|
|
46
46
|
randomPrivateKey: () => Uint8Array;
|
|
47
|
+
precompute: (windowSize?: number | undefined, point?: ProjPointType<bigint> | undefined) => ProjPointType<bigint>;
|
|
47
48
|
};
|
|
48
49
|
export { CURVE, Signature, ProjectivePoint, getPublicKey0x as getPublicKey, getSharedSecret0x as getSharedSecret, sign0x as sign, verify0x as verify, };
|
|
49
50
|
export declare const bytesToHexEth: (uint8a: Uint8Array) => string;
|