@noble/curves 0.8.1 → 0.8.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +162 -131
- package/_shortw_utils.d.ts +1 -1
- package/_shortw_utils.d.ts.map +1 -1
- package/_shortw_utils.js +13 -8
- package/_shortw_utils.js.map +1 -1
- package/abstract/bls.d.ts +4 -4
- package/abstract/bls.d.ts.map +1 -1
- package/abstract/bls.js +16 -12
- package/abstract/bls.js.map +1 -1
- package/abstract/curve.d.ts +4 -4
- package/abstract/curve.d.ts.map +1 -1
- package/abstract/curve.js +12 -7
- package/abstract/curve.js.map +1 -1
- package/abstract/edwards.d.ts +2 -2
- package/abstract/edwards.d.ts.map +1 -1
- package/abstract/edwards.js +20 -16
- package/abstract/edwards.js.map +1 -1
- package/abstract/hash-to-curve.d.ts +4 -4
- package/abstract/hash-to-curve.d.ts.map +1 -1
- package/abstract/hash-to-curve.js +26 -18
- package/abstract/hash-to-curve.js.map +1 -1
- package/abstract/modular.d.ts +1 -1
- package/abstract/modular.d.ts.map +1 -1
- package/abstract/modular.js +44 -24
- package/abstract/modular.js.map +1 -1
- package/abstract/montgomery.d.ts +3 -3
- package/abstract/montgomery.d.ts.map +1 -1
- package/abstract/montgomery.js +15 -11
- package/abstract/montgomery.js.map +1 -1
- package/abstract/poseidon.d.ts +1 -1
- package/abstract/poseidon.d.ts.map +1 -1
- package/abstract/poseidon.js +12 -6
- package/abstract/poseidon.js.map +1 -1
- package/abstract/utils.d.ts +7 -7
- package/abstract/utils.d.ts.map +1 -1
- package/abstract/utils.js +41 -19
- package/abstract/utils.js.map +1 -1
- package/abstract/weierstrass.d.ts +13 -13
- package/abstract/weierstrass.d.ts.map +1 -1
- package/abstract/weierstrass.js +28 -21
- package/abstract/weierstrass.js.map +1 -1
- package/bls12-381.d.ts +10 -10
- package/bls12-381.d.ts.map +1 -1
- package/bls12-381.js +66 -63
- package/bls12-381.js.map +1 -1
- package/bn.js +10 -7
- package/bn.js.map +1 -1
- package/ed25519.d.ts +1 -1
- package/ed25519.d.ts.map +1 -1
- package/ed25519.js +78 -72
- package/ed25519.js.map +1 -1
- package/ed448.js +41 -37
- package/ed448.js.map +1 -1
- package/esm/ed25519.js +2 -1
- package/esm/ed25519.js.map +1 -1
- package/jubjub.js +22 -17
- package/jubjub.js.map +1 -1
- package/p256.js +17 -13
- package/p256.js.map +1 -1
- package/p384.js +17 -13
- package/p384.js.map +1 -1
- package/p521.js +17 -13
- package/p521.js.map +1 -1
- package/package.json +5 -5
- package/pasta.js +19 -16
- package/pasta.js.map +1 -1
- package/secp256k1.js +57 -53
- package/secp256k1.js.map +1 -1
package/abstract/utils.js
CHANGED
|
@@ -1,10 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateObject = exports.createHmacDrbg = exports.bitMask = exports.bitSet = exports.bitGet = exports.bitLen = exports.utf8ToBytes = exports.equalBytes = exports.concatBytes = exports.ensureBytes = exports.numberToVarBytesBE = exports.numberToBytesLE = exports.numberToBytesBE = exports.bytesToNumberLE = exports.bytesToNumberBE = exports.hexToBytes = exports.hexToNumber = exports.numberToHexUnpadded = exports.bytesToHex = void 0;
|
|
1
4
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
2
5
|
const _0n = BigInt(0);
|
|
3
6
|
const _1n = BigInt(1);
|
|
4
7
|
const _2n = BigInt(2);
|
|
5
8
|
const u8a = (a) => a instanceof Uint8Array;
|
|
6
9
|
const hexes = Array.from({ length: 256 }, (v, i) => i.toString(16).padStart(2, '0'));
|
|
7
|
-
|
|
10
|
+
function bytesToHex(bytes) {
|
|
8
11
|
if (!u8a(bytes))
|
|
9
12
|
throw new Error('Uint8Array expected');
|
|
10
13
|
// pre-caching improves the speed 6x
|
|
@@ -14,18 +17,21 @@ export function bytesToHex(bytes) {
|
|
|
14
17
|
}
|
|
15
18
|
return hex;
|
|
16
19
|
}
|
|
17
|
-
|
|
20
|
+
exports.bytesToHex = bytesToHex;
|
|
21
|
+
function numberToHexUnpadded(num) {
|
|
18
22
|
const hex = num.toString(16);
|
|
19
23
|
return hex.length & 1 ? `0${hex}` : hex;
|
|
20
24
|
}
|
|
21
|
-
|
|
25
|
+
exports.numberToHexUnpadded = numberToHexUnpadded;
|
|
26
|
+
function hexToNumber(hex) {
|
|
22
27
|
if (typeof hex !== 'string')
|
|
23
28
|
throw new Error('hex string expected, got ' + typeof hex);
|
|
24
29
|
// Big Endian
|
|
25
30
|
return BigInt(hex === '' ? '0' : `0x${hex}`);
|
|
26
31
|
}
|
|
32
|
+
exports.hexToNumber = hexToNumber;
|
|
27
33
|
// Caching slows it down 2-3x
|
|
28
|
-
|
|
34
|
+
function hexToBytes(hex) {
|
|
29
35
|
if (typeof hex !== 'string')
|
|
30
36
|
throw new Error('hex string expected, got ' + typeof hex);
|
|
31
37
|
if (hex.length % 2)
|
|
@@ -41,20 +47,26 @@ export function hexToBytes(hex) {
|
|
|
41
47
|
}
|
|
42
48
|
return array;
|
|
43
49
|
}
|
|
50
|
+
exports.hexToBytes = hexToBytes;
|
|
44
51
|
// Big Endian
|
|
45
|
-
|
|
52
|
+
function bytesToNumberBE(bytes) {
|
|
46
53
|
return hexToNumber(bytesToHex(bytes));
|
|
47
54
|
}
|
|
48
|
-
|
|
55
|
+
exports.bytesToNumberBE = bytesToNumberBE;
|
|
56
|
+
function bytesToNumberLE(bytes) {
|
|
49
57
|
if (!u8a(bytes))
|
|
50
58
|
throw new Error('Uint8Array expected');
|
|
51
59
|
return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse()));
|
|
52
60
|
}
|
|
53
|
-
|
|
54
|
-
|
|
61
|
+
exports.bytesToNumberLE = bytesToNumberLE;
|
|
62
|
+
const numberToBytesBE = (n, len) => hexToBytes(n.toString(16).padStart(len * 2, '0'));
|
|
63
|
+
exports.numberToBytesBE = numberToBytesBE;
|
|
64
|
+
const numberToBytesLE = (n, len) => (0, exports.numberToBytesBE)(n, len).reverse();
|
|
65
|
+
exports.numberToBytesLE = numberToBytesLE;
|
|
55
66
|
// Returns variable number bytes (minimal bigint encoding?)
|
|
56
|
-
|
|
57
|
-
|
|
67
|
+
const numberToVarBytesBE = (n) => hexToBytes(numberToHexUnpadded(n));
|
|
68
|
+
exports.numberToVarBytesBE = numberToVarBytesBE;
|
|
69
|
+
function ensureBytes(title, hex, expectedLength) {
|
|
58
70
|
let res;
|
|
59
71
|
if (typeof hex === 'string') {
|
|
60
72
|
try {
|
|
@@ -77,8 +89,9 @@ export function ensureBytes(title, hex, expectedLength) {
|
|
|
77
89
|
throw new Error(`${title} expected ${expectedLength} bytes, got ${len}`);
|
|
78
90
|
return res;
|
|
79
91
|
}
|
|
92
|
+
exports.ensureBytes = ensureBytes;
|
|
80
93
|
// Copies several Uint8Arrays into one.
|
|
81
|
-
|
|
94
|
+
function concatBytes(...arrs) {
|
|
82
95
|
const r = new Uint8Array(arrs.reduce((sum, a) => sum + a.length, 0));
|
|
83
96
|
let pad = 0; // walk through each item, ensure they have proper type
|
|
84
97
|
arrs.forEach((a) => {
|
|
@@ -89,7 +102,8 @@ export function concatBytes(...arrs) {
|
|
|
89
102
|
});
|
|
90
103
|
return r;
|
|
91
104
|
}
|
|
92
|
-
|
|
105
|
+
exports.concatBytes = concatBytes;
|
|
106
|
+
function equalBytes(b1, b2) {
|
|
93
107
|
// We don't care about timing attacks here
|
|
94
108
|
if (b1.length !== b2.length)
|
|
95
109
|
return false;
|
|
@@ -98,28 +112,34 @@ export function equalBytes(b1, b2) {
|
|
|
98
112
|
return false;
|
|
99
113
|
return true;
|
|
100
114
|
}
|
|
101
|
-
|
|
115
|
+
exports.equalBytes = equalBytes;
|
|
116
|
+
function utf8ToBytes(str) {
|
|
102
117
|
if (typeof str !== 'string') {
|
|
103
118
|
throw new Error(`utf8ToBytes expected string, got ${typeof str}`);
|
|
104
119
|
}
|
|
105
120
|
return new TextEncoder().encode(str);
|
|
106
121
|
}
|
|
122
|
+
exports.utf8ToBytes = utf8ToBytes;
|
|
107
123
|
// Bit operations
|
|
108
124
|
// Amount of bits inside bigint (Same as n.toString(2).length)
|
|
109
|
-
|
|
125
|
+
function bitLen(n) {
|
|
110
126
|
let len;
|
|
111
127
|
for (len = 0; n > 0n; n >>= _1n, len += 1)
|
|
112
128
|
;
|
|
113
129
|
return len;
|
|
114
130
|
}
|
|
131
|
+
exports.bitLen = bitLen;
|
|
115
132
|
// Gets single bit at position. NOTE: first bit position is 0 (same as arrays)
|
|
116
133
|
// Same as !!+Array.from(n.toString(2)).reverse()[pos]
|
|
117
|
-
|
|
134
|
+
const bitGet = (n, pos) => (n >> BigInt(pos)) & 1n;
|
|
135
|
+
exports.bitGet = bitGet;
|
|
118
136
|
// Sets single bit at position
|
|
119
|
-
|
|
137
|
+
const bitSet = (n, pos, value) => n | ((value ? _1n : _0n) << BigInt(pos));
|
|
138
|
+
exports.bitSet = bitSet;
|
|
120
139
|
// Return mask for N bits (Same as BigInt(`0b${Array(i).fill('1').join('')}`))
|
|
121
140
|
// Not using ** operator with bigints for old engines.
|
|
122
|
-
|
|
141
|
+
const bitMask = (n) => (_2n << BigInt(n - 1)) - _1n;
|
|
142
|
+
exports.bitMask = bitMask;
|
|
123
143
|
// DRBG
|
|
124
144
|
const u8n = (data) => new Uint8Array(data); // creates Uint8Array
|
|
125
145
|
const u8fr = (arr) => Uint8Array.from(arr); // another shortcut
|
|
@@ -130,7 +150,7 @@ const u8fr = (arr) => Uint8Array.from(arr); // another shortcut
|
|
|
130
150
|
* const drbg = createHmacDRBG<Key>(32, 32, hmac);
|
|
131
151
|
* drbg(seed, bytesToKey); // bytesToKey must return Key or undefined
|
|
132
152
|
*/
|
|
133
|
-
|
|
153
|
+
function createHmacDrbg(hashLen, qByteLen, hmacFn) {
|
|
134
154
|
if (typeof hashLen !== 'number' || hashLen < 2)
|
|
135
155
|
throw new Error('hashLen must be a number');
|
|
136
156
|
if (typeof qByteLen !== 'number' || qByteLen < 2)
|
|
@@ -181,6 +201,7 @@ export function createHmacDrbg(hashLen, qByteLen, hmacFn) {
|
|
|
181
201
|
};
|
|
182
202
|
return genUntil;
|
|
183
203
|
}
|
|
204
|
+
exports.createHmacDrbg = createHmacDrbg;
|
|
184
205
|
// Validating curves and fields
|
|
185
206
|
const validatorFns = {
|
|
186
207
|
bigint: (val) => typeof val === 'bigint',
|
|
@@ -193,7 +214,7 @@ const validatorFns = {
|
|
|
193
214
|
hash: (val) => typeof val === 'function' && Number.isSafeInteger(val.outputLen),
|
|
194
215
|
};
|
|
195
216
|
// type Record<K extends string | number | symbol, T> = { [P in K]: T; }
|
|
196
|
-
|
|
217
|
+
function validateObject(object, validators, optValidators = {}) {
|
|
197
218
|
const checkField = (fieldName, type, isOptional) => {
|
|
198
219
|
const checkVal = validatorFns[type];
|
|
199
220
|
if (typeof checkVal !== 'function')
|
|
@@ -211,6 +232,7 @@ export function validateObject(object, validators, optValidators = {}) {
|
|
|
211
232
|
checkField(fieldName, type, true);
|
|
212
233
|
return object;
|
|
213
234
|
}
|
|
235
|
+
exports.validateObject = validateObject;
|
|
214
236
|
// validate type tests
|
|
215
237
|
// const o: { a: number; b: number; c: number } = { a: 1, b: 5, c: 6 };
|
|
216
238
|
// const z0 = validateObject(o, { a: 'isSafeInteger' }, { c: 'bigint' }); // Ok!
|
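Review bot: `numberToBytesBE` on new line 62 does not enforce `len`: `padStart` only pads, so a value that needs more than `len` bytes comes back longer than requested, and a negative bigint puts a `-` into the hex string instead of producing a clear error; nothing in this hunk checks either case, and `numberToBytesLE` on line 64 inherits the same gap through it. A range guard before the conversion would make fixed-width encodings fail loudly: `if (n < _0n || n >= (_1n << BigInt(len * 8))) throw new Error(`numberToBytesBE: value does not fit in ${len} bytes`);` using the `_0n`/`_1n` constants already defined at the top of the file. The body of `hexToBytes` is split across hunks here, so whether it rejects a `-` character on its own is not visible. Since this file is compiler output (the adjacent sourcemap names `../src/abstract/utils.ts` as its source), the guard belongs in the TypeScript source rather than in this emitted file.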
package/abstract/utils.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/abstract/utils.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AAcjE,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AACrF,
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/abstract/utils.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,CAAC,CAAM,EAAmB,EAAE,CAAC,CAAC,YAAY,UAAU,CAAC;AAcjE,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AACrF,SAAgB,UAAU,CAAC,KAAiB;IAC1C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,oCAAoC;IACpC,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AARD,gCAQC;AAED,SAAgB,mBAAmB,CAAC,GAAoB;IACtD,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC7B,OAAO,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;AAC1C,CAAC;AAHD,kDAGC;AAED,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,aAAa;IACb,OAAO,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;AAC/C,CAAC;AAJD,kCAIC;AAED,6BAA6B;AAC7B,SAAgB,UAAU,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,CAAC;IACvF,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;IACrF,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACrC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7E,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;KACjB;IACD,OA
AO,KAAK,CAAC;AACf,CAAC;AAZD,gCAYC;AAED,aAAa;AACb,SAAgB,eAAe,CAAC,KAAiB;IAC/C,OAAO,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;AACxC,CAAC;AAFD,0CAEC;AACD,SAAgB,eAAe,CAAC,KAAiB;IAC/C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACxD,OAAO,WAAW,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;AACnE,CAAC;AAHD,0CAGC;AAEM,MAAM,eAAe,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,EAAE,CACxD,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AADvC,QAAA,eAAe,mBACwB;AAC7C,MAAM,eAAe,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,EAAE,CAAC,IAAA,uBAAe,EAAC,CAAC,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;AAAhF,QAAA,eAAe,mBAAiE;AAC7F,2DAA2D;AACpD,MAAM,kBAAkB,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC;AAAvE,QAAA,kBAAkB,sBAAqD;AAEpF,SAAgB,WAAW,CAAC,KAAa,EAAE,GAAQ,EAAE,cAAuB;IAC1E,IAAI,GAAe,CAAC;IACpB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,IAAI;YACF,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;SACvB;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,GAAG,aAAa,CAAC,EAAE,CAAC,CAAC;SACjF;KACF;SAAM,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE;QACnB,mEAAmE;QACnE,sEAAsE;QACtE,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KAC5B;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mCAAmC,CAAC,CAAC;KAC9D;IACD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,OAAO,cAAc,KAAK,QAAQ,IAAI,GAAG,KAAK,cAAc;QAC9D,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,aAAa,cAAc,eAAe,GAAG,EAAE,CAAC,CAAC;IAC3E,OAAO,GAAG,CAAC;AACb,CAAC;AAnBD,kCAmBC;AAED,uCAAuC;AACvC,SAAgB,WAAW,CAAC,GAAG,IAAkB;IAC/C,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACrE,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,uDAAuD;IACpE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QACjB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACd,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;IAClB,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACX,CAAC;AATD,kCASC;AAED,SAAgB,UAAU,CAAC,EAAc,EAAE,EAAc;IACvD,0CAA0C
;IAC1C,IAAI,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IACtE,OAAO,IAAI,CAAC;AACd,CAAC;AALD,gCAKC;AAKD,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,GAAG,EAAE,CAAC,CAAC;KACnE;IACD,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AACvC,CAAC;AALD,kCAKC;AAED,iBAAiB;AAEjB,8DAA8D;AAC9D,SAAgB,MAAM,CAAC,CAAS;IAC9B,IAAI,GAAG,CAAC;IACR,KAAK,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,GAAG,EAAE,GAAG,IAAI,CAAC;QAAC,CAAC;IAC3C,OAAO,GAAG,CAAC;AACb,CAAC;AAJD,wBAIC;AACD,8EAA8E;AAC9E,sDAAsD;AAC/C,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;AAA7D,QAAA,MAAM,UAAuD;AAC1E,8BAA8B;AACvB,MAAM,MAAM,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,KAAc,EAAE,EAAE,CAC/D,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;AAD9B,QAAA,MAAM,UACwB;AAC3C,8EAA8E;AAC9E,sDAAsD;AAC/C,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;AAAtD,QAAA,OAAO,WAA+C;AAEnE,OAAO;AAEP,MAAM,GAAG,GAAG,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,qBAAqB;AACvE,MAAM,IAAI,GAAG,CAAC,GAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;AAEpE;;;;;;GAMG;AACH,SAAgB,cAAc,CAC5B,OAAe,EACf,QAAgB,EAChB,MAAkE;IAElE,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC5F,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/F,IAAI,OAAO,MAAM,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/E,gDAAgD;IAChD,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,qEAAqE;IAC3F,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,gDAAgD;IAC3D,MAAM,KAAK,GAAG,GAAG,EAAE;QACjB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACV,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC
V,CAAC,GAAG,CAAC,CAAC;IACR,CAAC,CAAC;IACF,MAAM,CAAC,GAAG,CAAC,GAAG,CAAe,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC9E,MAAM,MAAM,GAAG,CAAC,IAAI,GAAG,GAAG,EAAE,EAAE,EAAE;QAC9B,yCAAyC;QACzC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;QAC5B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAC9B,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,mCAAmC;QAC9D,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,mBAAmB;IAC9B,CAAC,CAAC;IACF,MAAM,GAAG,GAAG,GAAG,EAAE;QACf,gCAAgC;QAChC,IAAI,CAAC,EAAE,IAAI,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5D,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,GAAG,GAAiB,EAAE,CAAC;QAC7B,OAAO,GAAG,GAAG,QAAQ,EAAE;YACrB,CAAC,GAAG,CAAC,EAAE,CAAC;YACR,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC;YACrB,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACb,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;SACjB;QACD,OAAO,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC;IAC7B,CAAC,CAAC;IACF,MAAM,QAAQ,GAAG,CAAC,IAAgB,EAAE,IAAa,EAAK,EAAE;QACtD,KAAK,EAAE,CAAC;QACR,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY;QAC1B,IAAI,GAAG,GAAkB,SAAS,CAAC,CAAC,uCAAuC;QAC3E,OAAO,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YAAE,MAAM,EAAE,CAAC;QACtC,KAAK,EAAE,CAAC;QACR,OAAO,GAAG,CAAC;IACb,CAAC,CAAC;IACF,OAAO,QAAQ,CAAC;AAClB,CAAC;AAhDD,wCAgDC;AAED,+BAA+B;AAE/B,MAAM,YAAY,GAAG;IACnB,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,QAAQ,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU;IACjD,OAAO,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,SAAS;IAC/C,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,QAAQ;IAC7C,aAAa,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC;IACtD,KAAK,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;IACvC,KAAK,EAAE,CAAC,GAAQ,EAAE,MAAW,EAAE,EAAE,CAAE,MAAc,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;IACjE,IAAI,EAAE,CAAC,GAAQ,EAAE,EAAE,CAAC,OAAO,GAAG,KAAK,UAAU,IAAI,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC;CAC5E,CAAC;AAGX,wEAAwE;AAExE,SAAgB,cAAc,CAC5B,MAAS,EACT,UAAqB,EACrB,gBAA2B,EAAE;IAE
7B,MAAM,UAAU,GAAG,CAAC,SAAkB,EAAE,IAAe,EAAE,UAAmB,EAAE,EAAE;QAC9E,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,OAAO,QAAQ,KAAK,UAAU;YAChC,MAAM,IAAI,KAAK,CAAC,sBAAsB,IAAI,sBAAsB,CAAC,CAAC;QAEpE,MAAM,GAAG,GAAG,MAAM,CAAC,SAAgC,CAAC,CAAC;QACrD,IAAI,UAAU,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO;QAC5C,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE;YAC1B,MAAM,IAAI,KAAK,CACb,iBAAiB,MAAM,CAAC,SAAS,CAAC,IAAI,GAAG,KAAK,OAAO,GAAG,eAAe,IAAI,EAAE,CAC9E,CAAC;SACH;IACH,CAAC,CAAC;IACF,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,KAAK,CAAC,CAAC;IAChG,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC;QAAE,UAAU,CAAC,SAAS,EAAE,IAAK,EAAE,IAAI,CAAC,CAAC;IAClG,OAAO,MAAM,CAAC;AAChB,CAAC;AArBD,wCAqBC;AACD,sBAAsB;AACtB,uEAAuE;AACvE,gFAAgF;AAChF,4BAA4B;AAC5B,2DAA2D;AAC3D,qEAAqE;AACrE,+DAA+D;AAC/D,4DAA4D"}
|
|
@@ -4,8 +4,8 @@ import * as ut from './utils.js';
|
|
|
4
4
|
import { CHash, Hex, PrivKey } from './utils.js';
|
|
5
5
|
import { Group, GroupConstructor, BasicCurve, AffinePoint } from './curve.js';
|
|
6
6
|
export type { AffinePoint };
|
|
7
|
-
|
|
8
|
-
|
|
7
|
+
type HmacFnSync = (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array;
|
|
8
|
+
type EndomorphismOpts = {
|
|
9
9
|
beta: bigint;
|
|
10
10
|
splitScalar: (k: bigint) => {
|
|
11
11
|
k1neg: boolean;
|
|
@@ -14,7 +14,7 @@ declare type EndomorphismOpts = {
|
|
|
14
14
|
k2: bigint;
|
|
15
15
|
};
|
|
16
16
|
};
|
|
17
|
-
export
|
|
17
|
+
export type BasicWCurve<T> = BasicCurve<T> & {
|
|
18
18
|
a: T;
|
|
19
19
|
b: T;
|
|
20
20
|
allowedPrivateKeyLengths?: readonly number[];
|
|
@@ -23,13 +23,13 @@ export declare type BasicWCurve<T> = BasicCurve<T> & {
|
|
|
23
23
|
isTorsionFree?: (c: ProjConstructor<T>, point: ProjPointType<T>) => boolean;
|
|
24
24
|
clearCofactor?: (c: ProjConstructor<T>, point: ProjPointType<T>) => ProjPointType<T>;
|
|
25
25
|
};
|
|
26
|
-
|
|
27
|
-
export
|
|
26
|
+
type Entropy = Hex | true;
|
|
27
|
+
export type SignOpts = {
|
|
28
28
|
lowS?: boolean;
|
|
29
29
|
extraEntropy?: Entropy;
|
|
30
30
|
prehash?: boolean;
|
|
31
31
|
};
|
|
32
|
-
export
|
|
32
|
+
export type VerOpts = {
|
|
33
33
|
lowS?: boolean;
|
|
34
34
|
prehash?: boolean;
|
|
35
35
|
};
|
|
@@ -77,11 +77,11 @@ export interface ProjConstructor<T> extends GroupConstructor<ProjPointType<T>> {
|
|
|
77
77
|
fromPrivateKey(privateKey: PrivKey): ProjPointType<T>;
|
|
78
78
|
normalizeZ(points: ProjPointType<T>[]): ProjPointType<T>[];
|
|
79
79
|
}
|
|
80
|
-
export
|
|
80
|
+
export type CurvePointsType<T> = BasicWCurve<T> & {
|
|
81
81
|
fromBytes: (bytes: Uint8Array) => AffinePoint<T>;
|
|
82
82
|
toBytes: (c: ProjConstructor<T>, point: ProjPointType<T>, compressed: boolean) => Uint8Array;
|
|
83
83
|
};
|
|
84
|
-
export
|
|
84
|
+
export type CurvePointsRes<T> = {
|
|
85
85
|
ProjectivePoint: ProjConstructor<T>;
|
|
86
86
|
normPrivateKeyToScalar: (key: PrivKey) => bigint;
|
|
87
87
|
weierstrassEquation: (x: T) => T;
|
|
@@ -107,17 +107,17 @@ export interface SignatureType {
|
|
|
107
107
|
toDERRawBytes(isCompressed?: boolean): Uint8Array;
|
|
108
108
|
toDERHex(isCompressed?: boolean): string;
|
|
109
109
|
}
|
|
110
|
-
export
|
|
110
|
+
export type SignatureConstructor = {
|
|
111
111
|
new (r: bigint, s: bigint): SignatureType;
|
|
112
112
|
fromCompact(hex: Hex): SignatureType;
|
|
113
113
|
fromDER(hex: Hex): SignatureType;
|
|
114
114
|
};
|
|
115
|
-
|
|
115
|
+
type SignatureLike = {
|
|
116
116
|
r: bigint;
|
|
117
117
|
s: bigint;
|
|
118
118
|
};
|
|
119
|
-
export
|
|
120
|
-
export
|
|
119
|
+
export type PubKey = Hex | ProjPointType<bigint>;
|
|
120
|
+
export type CurveType = BasicWCurve<bigint> & {
|
|
121
121
|
hash: CHash;
|
|
122
122
|
hmac: HmacFnSync;
|
|
123
123
|
randomBytes: (bytesLength?: number) => Uint8Array;
|
|
@@ -149,7 +149,7 @@ declare function validateOpts(curve: CurveType): Readonly<{
|
|
|
149
149
|
readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined;
|
|
150
150
|
readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
|
|
151
151
|
}>;
|
|
152
|
-
export
|
|
152
|
+
export type CurveFn = {
|
|
153
153
|
CURVE: ReturnType<typeof validateOpts>;
|
|
154
154
|
getPublicKey: (privateKey: PrivKey, isCompressed?: boolean) => Uint8Array;
|
|
155
155
|
getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean) => Uint8Array;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"weierstrass.d.ts","sourceRoot":"","sources":["../src/abstract/weierstrass.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAe,MAAM,YAAY,CAAC;AAC9D,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAQ,UAAU,EAAiB,WAAW,EAAE,MAAM,YAAY,CAAC;AAEnG,YAAY,EAAE,WAAW,EAAE,CAAC;AAC5B,
|
|
1
|
+
{"version":3,"file":"weierstrass.d.ts","sourceRoot":"","sources":["../src/abstract/weierstrass.ts"],"names":[],"mappings":"AAAA,sEAAsE;AAEtE,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAe,MAAM,YAAY,CAAC;AAC9D,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAQ,UAAU,EAAiB,WAAW,EAAE,MAAM,YAAY,CAAC;AAEnG,YAAY,EAAE,WAAW,EAAE,CAAC;AAC5B,KAAK,UAAU,GAAG,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,KAAK,UAAU,CAAC;AAC7E,KAAK,gBAAgB,GAAG;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,OAAO,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;CACxF,CAAC;AACF,MAAM,MAAM,WAAW,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,GAAG;IAE3C,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;IAGL,wBAAwB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC7C,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,IAAI,CAAC,EAAE,gBAAgB,CAAC;IAGxB,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC;IAE5E,aAAa,CAAC,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC,CAAC,CAAC;CACtF,CAAC;AAEF,KAAK,OAAO,GAAG,GAAG,GAAG,IAAI,CAAC;AAC1B,MAAM,MAAM,QAAQ,GAAG;IAAE,IAAI,CAAC,EAAE,OAAO,CAAC;IAAC,YAAY,CAAC,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,CAAC;AACrF,MAAM,MAAM,OAAO,GAAG;IAAE,IAAI,CAAC,EAAE,OAAO,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,CAAC;AAE5D;;;;;;;;;;;;;;;;;;;;GAoBG;AAGH,MAAM,WAAW,aAAa,CAAC,CAAC,CAAE,SAAQ,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAC/D,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAC3C,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IACjC,aAAa,IAAI,OAAO,CAAC;IACzB,aAAa,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC;IAClC,cAAc,IAAI,IAAI,CAAC;IACvB,QAAQ,IAAI,OAAO,CAAC;IACpB,UAAU,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAC/C,KAAK,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IAEtC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC
,CAAC;IACjD,oBAAoB,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC;IAC9F,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1C;AAED,MAAM,WAAW,eAAe,CAAC,CAAC,CAAE,SAAQ,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAC5E,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACzC,UAAU,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACpC,cAAc,CAAC,UAAU,EAAE,OAAO,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACtD,UAAU,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,GAAG,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;CAC5D;AAED,MAAM,MAAM,eAAe,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,CAAC,GAAG;IAEhD,SAAS,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,WAAW,CAAC,CAAC,CAAC,CAAC;IACjD,OAAO,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,OAAO,KAAK,UAAU,CAAC;CAC9F,CAAC;AAoCF,MAAM,MAAM,cAAc,CAAC,CAAC,IAAI;IAC9B,eAAe,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;IACpC,sBAAsB,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;IACjD,mBAAmB,EAAE,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;IACjC,kBAAkB,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC;CAC9C,CAAC;AAuDF,wBAAgB,iBAAiB,CAAC,CAAC,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC;;kCAwBtB,OAAO,KAAG,MAAM;6BAhBrB,CAAC,KAAG,CAAC;8BAQJ,MAAM,KAAG,OAAO;EA+XlD;AAGD,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,cAAc,IAAI,IAAI,CAAC;IACvB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,CAAC;IAChD,QAAQ,IAAI,OAAO,CAAC;IACpB,UAAU,IAAI,aAAa,CAAC;IAC5B,gBAAgB,CAAC,OAAO,EAAE,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtD,iBAAiB,IAAI,UAAU,CAAC;IAChC,YAAY,IAAI,MAAM,CAAC;IAEvB,aAAa,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAClD,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;CAC1C;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,aAAa,CAAC;IAC1C,WAAW,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC;IACrC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC;CAClC,CAAC;AACF,KAAK,aAAa,GAAG;IAAE,CAAC,EAA
E,MAAM,CAAC;IAAC,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAE9C,MAAM,MAAM,MAAM,GAAG,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;AAEjD,MAAM,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,GAAG;IAC5C,IAAI,EAAE,KAAK,CAAC;IACZ,IAAI,EAAE,UAAU,CAAC;IACjB,WAAW,EAAE,CAAC,WAAW,CAAC,EAAE,MAAM,KAAK,UAAU,CAAC;IAClD,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,MAAM,CAAC;IACzC,aAAa,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,MAAM,CAAC;CAC/C,CAAC;AAEF,iBAAS,YAAY,CAAC,KAAK,EAAE,SAAS;;;;;;;;;;;;;;;;;;;;;;;GAgBrC;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,KAAK,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;IACvC,YAAY,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,UAAU,CAAC;IAC1E,eAAe,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,YAAY,CAAC,EAAE,OAAO,KAAK,UAAU,CAAC;IACzF,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,KAAK,aAAa,CAAC;IACzE,MAAM,EAAE,CAAC,SAAS,EAAE,GAAG,GAAG,aAAa,EAAE,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,OAAO,CAAC;IAClG,eAAe,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC;IACzC,SAAS,EAAE,oBAAoB,CAAC;IAChC,KAAK,EAAE;QACL,sBAAsB,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;QACjD,iBAAiB,CAAC,UAAU,EAAE,OAAO,GAAG,OAAO,CAAC;QAChD,gBAAgB,EAAE,MAAM,UAAU,CAAC;QACnC,UAAU,EAAE,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,KAAK,aAAa,CAAC,MAAM,CAAC,CAAC;KAC3F,CAAC;CACH,CAAC;AAEF,wBAAgB,WAAW,CAAC,QAAQ,EAAE,SAAS,GAAG,OAAO,CAkZxD;AAOD,wBAAgB,cAAc,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,OAYlC,CAAC,KAAK,CAAC,KAAG;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,EAAE,CAAC,CAAA;CAAE,CAkD7D;AAED,wBAAgB,mBAAmB,CAAC,CAAC,EACnC,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAChB,IAAI,EAAE;IACJ,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;IACL,CAAC,EAAE,CAAC,CAAC;CACN,OASU,CAAC;OAAQ,CAAC;OAAK,CAAC;EA8B5B"}
|
package/abstract/weierstrass.js
CHANGED
|
@@ -1,11 +1,14 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.mapToCurveSimpleSWU = exports.SWUFpSqrtRatio = exports.weierstrass = exports.weierstrassPoints = void 0;
|
|
1
4
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
2
5
|
// Short Weierstrass curve. The formula is: y² = x³ + ax + b
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
6
|
+
const mod = require("./modular.js");
|
|
7
|
+
const ut = require("./utils.js");
|
|
8
|
+
const utils_js_1 = require("./utils.js");
|
|
9
|
+
const curve_js_1 = require("./curve.js");
|
|
7
10
|
function validatePointOpts(curve) {
|
|
8
|
-
const opts = validateBasic(curve);
|
|
11
|
+
const opts = (0, curve_js_1.validateBasic)(curve);
|
|
9
12
|
ut.validateObject(opts, {
|
|
10
13
|
a: 'field',
|
|
11
14
|
b: 'field',
|
|
@@ -88,7 +91,7 @@ const DER = {
|
|
|
88
91
|
// Be friendly to bad ECMAScript parsers by not using bigint literals like 123n
|
|
89
92
|
const _0n = BigInt(0);
|
|
90
93
|
const _1n = BigInt(1);
|
|
91
|
-
|
|
94
|
+
function weierstrassPoints(opts) {
|
|
92
95
|
const CURVE = validatePointOpts(opts);
|
|
93
96
|
const { Fp } = CURVE; // All curves has same field / group length as for now, but they can differ
|
|
94
97
|
/**
|
|
@@ -126,7 +129,7 @@ export function weierstrassPoints(opts) {
|
|
|
126
129
|
num =
|
|
127
130
|
typeof key === 'bigint'
|
|
128
131
|
? key
|
|
129
|
-
: ut.bytesToNumberBE(ensureBytes('private key', key, nByteLength));
|
|
132
|
+
: ut.bytesToNumberBE((0, utils_js_1.ensureBytes)('private key', key, nByteLength));
|
|
130
133
|
}
|
|
131
134
|
catch (error) {
|
|
132
135
|
throw new Error(`private key must be ${nByteLength} bytes, hex or bigint, not ${typeof key}`);
|
|
@@ -193,7 +196,7 @@ export function weierstrassPoints(opts) {
|
|
|
193
196
|
* @param hex short/long ECDSA hex
|
|
194
197
|
*/
|
|
195
198
|
static fromHex(hex) {
|
|
196
|
-
const P = Point.fromAffine(CURVE.fromBytes(ensureBytes('pointHex', hex)));
|
|
199
|
+
const P = Point.fromAffine(CURVE.fromBytes((0, utils_js_1.ensureBytes)('pointHex', hex)));
|
|
197
200
|
P.assertValidity();
|
|
198
201
|
return P;
|
|
199
202
|
}
|
|
@@ -483,7 +486,7 @@ export function weierstrassPoints(opts) {
|
|
|
483
486
|
Point.BASE = new Point(CURVE.Gx, CURVE.Gy, Fp.ONE);
|
|
484
487
|
Point.ZERO = new Point(Fp.ZERO, Fp.ONE, Fp.ZERO);
|
|
485
488
|
const _bits = CURVE.nBitLength;
|
|
486
|
-
const wnaf = wNAF(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits);
|
|
489
|
+
const wnaf = (0, curve_js_1.wNAF)(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits);
|
|
487
490
|
return {
|
|
488
491
|
ProjectivePoint: Point,
|
|
489
492
|
normPrivateKeyToScalar,
|
|
@@ -491,8 +494,9 @@ export function weierstrassPoints(opts) {
|
|
|
491
494
|
isWithinCurveOrder,
|
|
492
495
|
};
|
|
493
496
|
}
|
|
497
|
+
exports.weierstrassPoints = weierstrassPoints;
|
|
494
498
|
function validateOpts(curve) {
|
|
495
|
-
const opts = validateBasic(curve);
|
|
499
|
+
const opts = (0, curve_js_1.validateBasic)(curve);
|
|
496
500
|
ut.validateObject(opts, {
|
|
497
501
|
hash: 'hash',
|
|
498
502
|
hmac: 'function',
|
|
@@ -504,7 +508,7 @@ function validateOpts(curve) {
|
|
|
504
508
|
});
|
|
505
509
|
return Object.freeze({ lowS: true, ...opts });
|
|
506
510
|
}
|
|
507
|
-
|
|
511
|
+
function weierstrass(curveDef) {
|
|
508
512
|
const CURVE = validateOpts(curveDef);
|
|
509
513
|
const CURVE_ORDER = CURVE.n;
|
|
510
514
|
const Fp = CURVE.Fp;
|
|
@@ -583,13 +587,13 @@ export function weierstrass(curveDef) {
|
|
|
583
587
|
// pair (bytes of r, bytes of s)
|
|
584
588
|
static fromCompact(hex) {
|
|
585
589
|
const l = CURVE.nByteLength;
|
|
586
|
-
hex = ensureBytes('compactSignature', hex, l * 2);
|
|
590
|
+
hex = (0, utils_js_1.ensureBytes)('compactSignature', hex, l * 2);
|
|
587
591
|
return new Signature(slcNum(hex, 0, l), slcNum(hex, l, 2 * l));
|
|
588
592
|
}
|
|
589
593
|
// DER encoded ECDSA signature
|
|
590
594
|
// https://bitcoin.stackexchange.com/questions/57644/what-are-the-parts-of-a-bitcoin-transaction-input-script
|
|
591
595
|
static fromDER(hex) {
|
|
592
|
-
const { r, s } = DER.toSig(ensureBytes('DER', hex));
|
|
596
|
+
const { r, s } = DER.toSig((0, utils_js_1.ensureBytes)('DER', hex));
|
|
593
597
|
return new Signature(r, s);
|
|
594
598
|
}
|
|
595
599
|
assertValidity() {
|
|
@@ -604,7 +608,7 @@ export function weierstrass(curveDef) {
|
|
|
604
608
|
}
|
|
605
609
|
recoverPublicKey(msgHash) {
|
|
606
610
|
const { r, s, recovery: rec } = this;
|
|
607
|
-
const h = bits2int_modN(ensureBytes('msgHash', msgHash)); // Truncate hash
|
|
611
|
+
const h = bits2int_modN((0, utils_js_1.ensureBytes)('msgHash', msgHash)); // Truncate hash
|
|
608
612
|
if (rec == null || ![0, 1, 2, 3].includes(rec))
|
|
609
613
|
throw new Error('recovery id invalid');
|
|
610
614
|
const radj = rec === 2 || rec === 3 ? r + CURVE.n : r;
|
|
@@ -760,9 +764,9 @@ export function weierstrass(curveDef) {
|
|
|
760
764
|
let { lowS, prehash, extraEntropy: ent } = opts; // generates low-s sigs by default
|
|
761
765
|
if (lowS == null)
|
|
762
766
|
lowS = true; // RFC6979 3.2: we skip step A, because we already provide hash
|
|
763
|
-
msgHash = ensureBytes('msgHash', msgHash);
|
|
767
|
+
msgHash = (0, utils_js_1.ensureBytes)('msgHash', msgHash);
|
|
764
768
|
if (prehash)
|
|
765
|
-
msgHash = ensureBytes('prehashed msgHash', hash(msgHash));
|
|
769
|
+
msgHash = (0, utils_js_1.ensureBytes)('prehashed msgHash', hash(msgHash));
|
|
766
770
|
// We can't later call bits2octets, since nested bits2int is broken for curves
|
|
767
771
|
// with nBitLength % 8 !== 0. Because of that, we unwrap it here as int2octets call.
|
|
768
772
|
// const bits2octets = (bits) => int2octets(bits2int_modN(bits))
|
|
@@ -773,7 +777,7 @@ export function weierstrass(curveDef) {
|
|
|
773
777
|
if (ent != null) {
|
|
774
778
|
// K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k')
|
|
775
779
|
const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is
|
|
776
|
-
seedArgs.push(ensureBytes('extraEntropy', e, Fp.BYTES)); // check for being of size BYTES
|
|
780
|
+
seedArgs.push((0, utils_js_1.ensureBytes)('extraEntropy', e, Fp.BYTES)); // check for being of size BYTES
|
|
777
781
|
}
|
|
778
782
|
const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2
|
|
779
783
|
const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash!
|
|
@@ -839,8 +843,8 @@ export function weierstrass(curveDef) {
|
|
|
839
843
|
*/
|
|
840
844
|
function verify(signature, msgHash, publicKey, opts = defaultVerOpts) {
|
|
841
845
|
const sg = signature;
|
|
842
|
-
msgHash = ensureBytes('msgHash', msgHash);
|
|
843
|
-
publicKey = ensureBytes('publicKey', publicKey);
|
|
846
|
+
msgHash = (0, utils_js_1.ensureBytes)('msgHash', msgHash);
|
|
847
|
+
publicKey = (0, utils_js_1.ensureBytes)('publicKey', publicKey);
|
|
844
848
|
if ('strict' in opts)
|
|
845
849
|
throw new Error('options.strict was renamed to lowS');
|
|
846
850
|
const { lowS, prehash } = opts;
|
|
@@ -899,11 +903,12 @@ export function weierstrass(curveDef) {
|
|
|
899
903
|
utils,
|
|
900
904
|
};
|
|
901
905
|
}
|
|
906
|
+
exports.weierstrass = weierstrass;
|
|
902
907
|
// Implementation of the Shallue and van de Woestijne method for any Weierstrass curve
|
|
903
908
|
// TODO: check if there is a way to merge this with uvRatio in Edwards && move to modular?
|
|
904
909
|
// b = True and y = sqrt(u / v) if (u / v) is square in F, and
|
|
905
910
|
// b = False and y = sqrt(Z * (u / v)) otherwise.
|
|
906
|
-
|
|
911
|
+
function SWUFpSqrtRatio(Fp, Z) {
|
|
907
912
|
// Generic implementation
|
|
908
913
|
const q = Fp.ORDER;
|
|
909
914
|
let l = 0n;
|
|
@@ -967,8 +972,9 @@ export function SWUFpSqrtRatio(Fp, Z) {
|
|
|
967
972
|
// if (Fp.ORDER % 8n === 5n) // sqrt_ratio_5mod8
|
|
968
973
|
return sqrtRatio;
|
|
969
974
|
}
|
|
975
|
+
exports.SWUFpSqrtRatio = SWUFpSqrtRatio;
|
|
970
976
|
// From draft-irtf-cfrg-hash-to-curve-16
|
|
971
|
-
|
|
977
|
+
function mapToCurveSimpleSWU(Fp, opts) {
|
|
972
978
|
mod.validateField(Fp);
|
|
973
979
|
if (!Fp.isValid(opts.A) || !Fp.isValid(opts.B) || !Fp.isValid(opts.Z))
|
|
974
980
|
throw new Error('mapToCurveSimpleSWU: invalid opts');
|
|
@@ -1008,4 +1014,5 @@ export function mapToCurveSimpleSWU(Fp, opts) {
|
|
|
1008
1014
|
return { x, y };
|
|
1009
1015
|
};
|
|
1010
1016
|
}
|
|
1017
|
+
exports.mapToCurveSimpleSWU = mapToCurveSimpleSWU;
|
|
1011
1018
|
//# sourceMappingURL=weierstrass.js.map
|