@noble/curves 1.2.0 → 1.3.0

Files changed (89)
  1. package/README.md +125 -191
  2. package/abstract/bls.d.ts +27 -10
  3. package/abstract/bls.d.ts.map +1 -1
  4. package/abstract/bls.js +58 -8
  5. package/abstract/bls.js.map +1 -1
  6. package/abstract/curve.js.map +1 -1
  7. package/abstract/edwards.js.map +1 -1
  8. package/abstract/hash-to-curve.d.ts +1 -1
  9. package/abstract/hash-to-curve.d.ts.map +1 -1
  10. package/abstract/hash-to-curve.js +8 -8
  11. package/abstract/hash-to-curve.js.map +1 -1
  12. package/abstract/modular.js.map +1 -1
  13. package/abstract/montgomery.d.ts.map +1 -1
  14. package/abstract/montgomery.js +5 -7
  15. package/abstract/montgomery.js.map +1 -1
  16. package/abstract/poseidon.js.map +1 -1
  17. package/abstract/utils.d.ts +2 -1
  18. package/abstract/utils.d.ts.map +1 -1
  19. package/abstract/utils.js +55 -31
  20. package/abstract/utils.js.map +1 -1
  21. package/abstract/weierstrass.d.ts +23 -27
  22. package/abstract/weierstrass.d.ts.map +1 -1
  23. package/abstract/weierstrass.js +4 -4
  24. package/abstract/weierstrass.js.map +1 -1
  25. package/bls12-381.d.ts.map +1 -1
  26. package/bls12-381.js +137 -82
  27. package/bls12-381.js.map +1 -1
  28. package/bn254.d.ts +3 -2
  29. package/bn254.d.ts.map +1 -1
  30. package/bn254.js +3 -2
  31. package/bn254.js.map +1 -1
  32. package/ed25519.d.ts +4 -2
  33. package/ed25519.d.ts.map +1 -1
  34. package/ed25519.js +8 -2
  35. package/ed25519.js.map +1 -1
  36. package/ed448.d.ts +4 -2
  37. package/ed448.d.ts.map +1 -1
  38. package/ed448.js +10 -1
  39. package/ed448.js.map +1 -1
  40. package/esm/abstract/bls.js +58 -8
  41. package/esm/abstract/bls.js.map +1 -1
  42. package/esm/abstract/curve.js.map +1 -1
  43. package/esm/abstract/edwards.js.map +1 -1
  44. package/esm/abstract/hash-to-curve.js +9 -9
  45. package/esm/abstract/hash-to-curve.js.map +1 -1
  46. package/esm/abstract/modular.js.map +1 -1
  47. package/esm/abstract/montgomery.js +5 -7
  48. package/esm/abstract/montgomery.js.map +1 -1
  49. package/esm/abstract/poseidon.js.map +1 -1
  50. package/esm/abstract/utils.js +53 -30
  51. package/esm/abstract/utils.js.map +1 -1
  52. package/esm/abstract/weierstrass.js +4 -4
  53. package/esm/abstract/weierstrass.js.map +1 -1
  54. package/esm/bls12-381.js +138 -83
  55. package/esm/bls12-381.js.map +1 -1
  56. package/esm/bn254.js +3 -2
  57. package/esm/bn254.js.map +1 -1
  58. package/esm/ed25519.js +8 -2
  59. package/esm/ed25519.js.map +1 -1
  60. package/esm/ed448.js +10 -1
  61. package/esm/ed448.js.map +1 -1
  62. package/esm/jubjub.js.map +1 -1
  63. package/esm/p256.js +2 -2
  64. package/esm/p256.js.map +1 -1
  65. package/esm/p384.js +2 -2
  66. package/esm/p384.js.map +1 -1
  67. package/esm/p521.js +3 -3
  68. package/esm/p521.js.map +1 -1
  69. package/esm/secp256k1.js +6 -6
  70. package/esm/secp256k1.js.map +1 -1
  71. package/jubjub.js.map +1 -1
  72. package/p256.js +2 -2
  73. package/p256.js.map +1 -1
  74. package/p384.js +2 -2
  75. package/p384.js.map +1 -1
  76. package/p521.js +3 -3
  77. package/p521.js.map +1 -1
  78. package/package.json +5 -5
  79. package/secp256k1.js +6 -6
  80. package/secp256k1.js.map +1 -1
  81. package/src/abstract/bls.ts +117 -19
  82. package/src/abstract/hash-to-curve.ts +10 -9
  83. package/src/abstract/montgomery.ts +4 -6
  84. package/src/abstract/utils.ts +52 -26
  85. package/src/abstract/weierstrass.ts +16 -7
  86. package/src/bls12-381.ts +127 -69
  87. package/src/bn254.ts +3 -2
  88. package/src/ed25519.ts +10 -2
  89. package/src/ed448.ts +18 -3
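--- a/package/src/ed448.ts
+++ b/package/src/ed448.ts
@@ -13,7 +13,7 @@ import {
  Hex,
  numberToBytesLE,
  } from './abstract/utils.js';
- import { AffinePoint } from './abstract/curve.js';
+ import { AffinePoint, Group } from './abstract/curve.js';
 
  /**
  * Edwards448 (not Ed448-Goldilocks) curve with following addons:
@@ -103,6 +103,7 @@ const ED448_DEF = {
  n: BigInt(
  '181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779'
  ),
+ // RFC 7748 has 56-byte keys, RFC 8032 has 57-byte keys
  nBitLength: 456,
  // Cofactor
  h: BigInt(4),
@@ -137,8 +138,9 @@ export const ed448ph = /* @__PURE__ */ twistedEdwards({ ...ED448_DEF, prehash: s
  export const x448 = /* @__PURE__ */ (() =>
  montgomery({
  a: BigInt(156326),
+ // RFC 7748 has 56-byte keys, RFC 8032 has 57-byte keys
  montgomeryBits: 448,
- nByteLength: 57,
+ nByteLength: 56,
  P: ed448P,
  Gu: BigInt(5),
  powPminus2: (x: bigint): bigint => {
@@ -164,11 +166,14 @@ export function edwardsToMontgomeryPub(edwardsPub: string | Uint8Array): Uint8Ar
  const _1n = BigInt(1);
  return Fp.toBytes(Fp.create((y - _1n) * Fp.inv(y + _1n)));
  }
+
  export const edwardsToMontgomery = edwardsToMontgomeryPub; // deprecated
+ // TODO: add edwardsToMontgomeryPriv, similar to ed25519 version
 
  // Hash To Curve Elligator2 Map
  const ELL2_C1 = (Fp.ORDER - BigInt(3)) / BigInt(4); // 1. c1 = (q - 3) / 4 # Integer arithmetic
  const ELL2_J = BigInt(156326);
+
  function map_to_curve_elligator2_curve448(u: bigint) {
  let tv1 = Fp.sqr(u); // 1. tv1 = u^2
  let e1 = Fp.eql(tv1, Fp.ONE); // 2. e1 = tv1 == 1
@@ -198,6 +203,7 @@ function map_to_curve_elligator2_curve448(u: bigint) {
  y = Fp.cmov(y, Fp.neg(y), e2 !== e3); // 26. y = CMOV(y, -y, e2 XOR e3)
  return { xn, xd, yn: y, yd: Fp.ONE }; // 27. return (xn, xd, y, 1)
  }
+
  function map_to_curve_elligator2_edwards448(u: bigint) {
  let { xn, xd, yn, yd } = map_to_curve_elligator2_curve448(u); // 1. (xn, xd, yn, yd) = map_to_curve_elligator2_curve448(u)
  let xn2 = Fp.sqr(xn); // 2. xn2 = xn^2
@@ -323,7 +329,7 @@ function calcElligatorDecafMap(r0: bigint): ExtendedPoint {
  * but it should work in its own namespace: do not combine those two.
  * https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448
  */
- class DcfPoint {
+ class DcfPoint implements Group<DcfPoint> {
  static BASE: DcfPoint;
  static ZERO: DcfPoint;
  // Private property to discourage combining ExtendedPoint + DecafPoint
@@ -445,7 +451,16 @@ class DcfPoint {
  multiplyUnsafe(scalar: bigint): DcfPoint {
  return new DcfPoint(this.ep.multiplyUnsafe(scalar));
  }
+
+ double(): DcfPoint {
+ return new DcfPoint(this.ep.double());
+ }
+
+ negate(): DcfPoint {
+ return new DcfPoint(this.ep.negate());
+ }
  }
+
  export const DecafPoint = /* @__PURE__ */ (() => {
  // decaf448 base point is ed448 base x 2
  // https://github.com/dalek-cryptography/curve25519-dalek/blob/59837c6ecff02b77b9d5ff84dbc239d0cf33ef90/vendor/ristretto.sage#L699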
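Review bot: The comment added above `nByteLength: 56` in the x448 hunk, `// RFC 7748 has 56-byte keys, RFC 8032 has 57-byte keys`, is repeated verbatim above `nBitLength: 456` in ED448_DEF, so neither site says which of the two lengths applies there. I would make each one specific, for example `// x448 (RFC 7748): 56-byte scalars and u-coordinates` at the montgomery() call and `// Ed448 (RFC 8032): 57-byte keys, hence nBitLength 456` in ED448_DEF. How montgomery() uses nByteLength is outside this section, but if it validates or pads to that length, 57-byte x448 values that 1.2.0 accepted or produced would presumably no longer round-trip after the upgrade. That is worth pinning with an RFC 7748 test vector and stating in the release notes, since it changes the encoding of an exported key-exchange primitive.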