@noble/curves 1.9.5 → 2.0.0-beta.1

package/esm/abstract/hash-to-curve.d.ts

@@ -1,102 +0,0 @@
-/**
- * hash-to-curve from RFC 9380.
- * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F.
- * https://www.rfc-editor.org/rfc/rfc9380
- * @module
- */
-/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
-import type { CHash } from '../utils.ts';
-import type { AffinePoint, Group, GroupConstructor } from './curve.ts';
-import { type IField } from './modular.ts';
-export type UnicodeOrBytes = string | Uint8Array;
-/**
- * * `DST` is a domain separation tag, defined in section 2.2.5
- * * `p` characteristic of F, where F is a finite field of characteristic p and order q = p^m
- * * `m` is extension degree (1 for prime fields)
- * * `k` is the target security target in bits (e.g. 128), from section 5.1
- * * `expand` is `xmd` (SHA2, SHA3, BLAKE) or `xof` (SHAKE, BLAKE-XOF)
- * * `hash` conforming to `utils.CHash` interface, with `outputLen` / `blockLen` props
- */
-export type H2COpts = {
-    DST: UnicodeOrBytes;
-    expand: 'xmd' | 'xof';
-    hash: CHash;
-    p: bigint;
-    m: number;
-    k: number;
-};
-export type H2CHashOpts = {
-    expand: 'xmd' | 'xof';
-    hash: CHash;
-};
-export type Opts = H2COpts;
-/**
- * Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits.
- * [RFC 9380 5.3.1](https://www.rfc-editor.org/rfc/rfc9380#section-5.3.1).
- */
-export declare function expand_message_xmd(msg: Uint8Array, DST: UnicodeOrBytes, lenInBytes: number, H: CHash): Uint8Array;
-/**
- * Produces a uniformly random byte string using an extendable-output function (XOF) H.
- * 1. The collision resistance of H MUST be at least k bits.
- * 2. H MUST be an XOF that has been proved indifferentiable from
- *    a random oracle under a reasonable cryptographic assumption.
- * [RFC 9380 5.3.2](https://www.rfc-editor.org/rfc/rfc9380#section-5.3.2).
- */
-export declare function expand_message_xof(msg: Uint8Array, DST: UnicodeOrBytes, lenInBytes: number, k: number, H: CHash): Uint8Array;
-/**
- * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F.
- * [RFC 9380 5.2](https://www.rfc-editor.org/rfc/rfc9380#section-5.2).
- * @param msg a byte string containing the message to hash
- * @param count the number of elements of F to output
- * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above
- * @returns [u_0, ..., u_(count - 1)], a list of field elements.
- */
-export declare function hash_to_field(msg: Uint8Array, count: number, options: H2COpts): bigint[][];
-export type XY<T> = (x: T, y: T) => {
-    x: T;
-    y: T;
-};
-export type XYRatio<T> = [T[], T[], T[], T[]];
-export declare function isogenyMap<T, F extends IField<T>>(field: F, map: XYRatio<T>): XY<T>;
-/** Point interface, which curves must implement to work correctly with the module. */
-export interface H2CPoint<T> extends Group<H2CPoint<T>> {
-    add(rhs: H2CPoint<T>): H2CPoint<T>;
-    toAffine(iz?: bigint): AffinePoint<T>;
-    clearCofactor(): H2CPoint<T>;
-    assertValidity(): void;
-}
-export interface H2CPointConstructor<T> extends GroupConstructor<H2CPoint<T>> {
-    fromAffine(ap: AffinePoint<T>): H2CPoint<T>;
-}
-export type MapToCurve<T> = (scalar: bigint[]) => AffinePoint<T>;
-export type htfBasicOpts = {
-    DST: UnicodeOrBytes;
-};
-export type H2CMethod<T> = (msg: Uint8Array, options?: htfBasicOpts) => H2CPoint<T>;
-export type HTFMethod<T> = H2CMethod<T>;
-export type MapMethod<T> = (scalars: bigint[]) => H2CPoint<T>;
-export type H2CHasherBase<T> = {
-    hashToCurve: H2CMethod<T>;
-    hashToScalar: (msg: Uint8Array, options: htfBasicOpts) => bigint;
-};
-/**
- * RFC 9380 methods, with cofactor clearing. See https://www.rfc-editor.org/rfc/rfc9380#section-3.
- *
- * * hashToCurve: `map(hash(input))`, encodes RANDOM bytes to curve (WITH hashing)
- * * encodeToCurve: `map(hash(input))`, encodes NON-UNIFORM bytes to curve (WITH hashing)
- * * mapToCurve: `map(scalars)`, encodes NON-UNIFORM scalars to curve (NO hashing)
- */
-export type H2CHasher<T> = H2CHasherBase<T> & {
-    encodeToCurve: H2CMethod<T>;
-    mapToCurve: MapMethod<T>;
-    defaults: H2COpts & {
-        encodeDST?: UnicodeOrBytes;
-    };
-};
-export type Hasher<T> = H2CHasher<T>;
-export declare const _DST_scalar: Uint8Array;
-/** Creates hash-to-curve methods from EC Point and mapToCurve function. See {@link H2CHasher}. */
-export declare function createHasher<T>(Point: H2CPointConstructor<T>, mapToCurve: MapToCurve<T>, defaults: H2COpts & {
-    encodeDST?: UnicodeOrBytes;
-}): H2CHasher<T>;
-//# sourceMappingURL=hash-to-curve.d.ts.map

package/esm/abstract/hash-to-curve.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"hash-to-curve.d.ts","sourceRoot":"","sources":["../../src/abstract/hash-to-curve.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,sEAAsE;AACtE,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAUzC,OAAO,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AACvE,OAAO,EAAsB,KAAK,MAAM,EAAE,MAAM,cAAc,CAAC;AAE/D,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,UAAU,CAAC;AAEjD;;;;;;;GAOG;AACH,MAAM,MAAM,OAAO,GAAG;IACpB,GAAG,EAAE,cAAc,CAAC;IACpB,MAAM,EAAE,KAAK,GAAG,KAAK,CAAC;IACtB,IAAI,EAAE,KAAK,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;CACX,CAAC;AACF,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,KAAK,GAAG,KAAK,CAAC;IACtB,IAAI,EAAE,KAAK,CAAC;CACb,CAAC;AAEF,MAAM,MAAM,IAAI,GAAG,OAAO,CAAC;AAmC3B;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,UAAU,EACf,GAAG,EAAE,cAAc,EACnB,UAAU,EAAE,MAAM,EAClB,CAAC,EAAE,KAAK,GACP,UAAU,CAqBZ;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,UAAU,EACf,GAAG,EAAE,cAAc,EACnB,UAAU,EAAE,MAAM,EAClB,CAAC,EAAE,MAAM,EACT,CAAC,EAAE,KAAK,GACP,UAAU,CAqBZ;AAED;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,MAAM,EAAE,EAAE,CAoC1F;AAED,MAAM,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK;IAAE,CAAC,EAAE,CAAC,CAAC;IAAC,CAAC,EAAE,CAAC,CAAA;CAAE,CAAC;AACnD,MAAM,MAAM,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;AAC9C,wBAAgB,UAAU,CAAC,CAAC,EAAE,CAAC,SAAS,MAAM,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAgBnF;AAED,sFAAsF;AACtF,MAAM,WAAW,QAAQ,CAAC,CAAC,CAAE,SAAQ,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACrD,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACnC,QAAQ,CAAC,EAAE,CAAC,EAAE,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IACtC,aAAa,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC7B,cAAc,IAAI,IAAI,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB,CAAC,CAAC,CAAE,SAAQ,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC3E,UAAU,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;CAC7C;AAED,MAAM,MAAM,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,WAAW,CAAC,CAAC,CAAC,CAAC;AAIjE,MAAM,MAAM,YAAY,GAAG;IAAE,GAAG,EAAE,cAAc,CAAA;CAAE,CAAC;AACnD,MAAM,MAAM,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC;AAEpF,MAAM,MAAM,SAAS,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC;AACxC,MAAM,MAAM,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC;AAC9D,MAAM,MAAM,aAAa,CAAC,CAAC,IAAI;IAC7B,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;IAC1B,YAAY,EAAE,CAAC,GAAG,EAAE,UAAU,EAAE,OAAO,EAAE,YAAY,KAAK,MAAM,CAAC;CAClE,CAAC;AACF;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,CAAC,CAAC,IAAI,aAAa,CAAC,CAAC,CAAC,GAAG;IAC5C,aAAa,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;IAC5B,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;IACzB,QAAQ,EAAE,OAAO,GAAG;QAAE,SAAS,CAAC,EAAE,cAAc,CAAA;KAAE,CAAC;CACpD,CAAC;AAEF,MAAM,MAAM,MAAM,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC;AAErC,eAAO,MAAM,WAAW,EAAE,UAAyC,CAAC;AAEpE,kGAAkG;AAClG,wBAAgB,YAAY,CAAC,CAAC,EAC5B,KAAK,EAAE,mBAAmB,CAAC,CAAC,CAAC,EAC7B,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,EACzB,QAAQ,EAAE,OAAO,GAAG;IAAE,SAAS,CAAC,EAAE,cAAc,CAAA;CAAE,GACjD,SAAS,CAAC,CAAC,CAAC,CA8Cd"}

package/esm/abstract/hash-to-curve.js

@@ -1,203 +0,0 @@
-import { _validateObject, abytes, bytesToNumberBE, concatBytes, isBytes, isHash, utf8ToBytes, } from "../utils.js";
-import { FpInvertBatch, mod } from "./modular.js";
-// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE.
-const os2ip = bytesToNumberBE;
-// Integer to Octet Stream (numberToBytesBE)
-function i2osp(value, length) {
-    anum(value);
-    anum(length);
-    if (value < 0 || value >= 1 << (8 * length))
-        throw new Error('invalid I2OSP input: ' + value);
-    const res = Array.from({ length }).fill(0);
-    for (let i = length - 1; i >= 0; i--) {
-        res[i] = value & 0xff;
-        value >>>= 8;
-    }
-    return new Uint8Array(res);
-}
-function strxor(a, b) {
-    const arr = new Uint8Array(a.length);
-    for (let i = 0; i < a.length; i++) {
-        arr[i] = a[i] ^ b[i];
-    }
-    return arr;
-}
-function anum(item) {
-    if (!Number.isSafeInteger(item))
-        throw new Error('number expected');
-}
-function normDST(DST) {
-    if (!isBytes(DST) && typeof DST !== 'string')
-        throw new Error('DST must be Uint8Array or string');
-    return typeof DST === 'string' ? utf8ToBytes(DST) : DST;
-}
-/**
- * Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits.
- * [RFC 9380 5.3.1](https://www.rfc-editor.org/rfc/rfc9380#section-5.3.1).
- */
-export function expand_message_xmd(msg, DST, lenInBytes, H) {
-    abytes(msg);
-    anum(lenInBytes);
-    DST = normDST(DST);
-    // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3
-    if (DST.length > 255)
-        DST = H(concatBytes(utf8ToBytes('H2C-OVERSIZE-DST-'), DST));
-    const { outputLen: b_in_bytes, blockLen: r_in_bytes } = H;
-    const ell = Math.ceil(lenInBytes / b_in_bytes);
-    if (lenInBytes > 65535 || ell > 255)
-        throw new Error('expand_message_xmd: invalid lenInBytes');
-    const DST_prime = concatBytes(DST, i2osp(DST.length, 1));
-    const Z_pad = i2osp(0, r_in_bytes);
-    const l_i_b_str = i2osp(lenInBytes, 2); // len_in_bytes_str
-    const b = new Array(ell);
-    const b_0 = H(concatBytes(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime));
-    b[0] = H(concatBytes(b_0, i2osp(1, 1), DST_prime));
-    for (let i = 1; i <= ell; i++) {
-        const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime];
-        b[i] = H(concatBytes(...args));
-    }
-    const pseudo_random_bytes = concatBytes(...b);
-    return pseudo_random_bytes.slice(0, lenInBytes);
-}
-/**
- * Produces a uniformly random byte string using an extendable-output function (XOF) H.
- * 1. The collision resistance of H MUST be at least k bits.
- * 2. H MUST be an XOF that has been proved indifferentiable from
- *    a random oracle under a reasonable cryptographic assumption.
- * [RFC 9380 5.3.2](https://www.rfc-editor.org/rfc/rfc9380#section-5.3.2).
- */
-export function expand_message_xof(msg, DST, lenInBytes, k, H) {
-    abytes(msg);
-    anum(lenInBytes);
-    DST = normDST(DST);
-    // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3
-    // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8));
-    if (DST.length > 255) {
-        const dkLen = Math.ceil((2 * k) / 8);
-        DST = H.create({ dkLen }).update(utf8ToBytes('H2C-OVERSIZE-DST-')).update(DST).digest();
-    }
-    if (lenInBytes > 65535 || DST.length > 255)
-        throw new Error('expand_message_xof: invalid lenInBytes');
-    return (H.create({ dkLen: lenInBytes })
-        .update(msg)
-        .update(i2osp(lenInBytes, 2))
-        // 2. DST_prime = DST || I2OSP(len(DST), 1)
-        .update(DST)
-        .update(i2osp(DST.length, 1))
-        .digest());
-}
-/**
- * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F.
- * [RFC 9380 5.2](https://www.rfc-editor.org/rfc/rfc9380#section-5.2).
- * @param msg a byte string containing the message to hash
- * @param count the number of elements of F to output
- * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above
- * @returns [u_0, ..., u_(count - 1)], a list of field elements.
- */
-export function hash_to_field(msg, count, options) {
-    _validateObject(options, {
-        p: 'bigint',
-        m: 'number',
-        k: 'number',
-        hash: 'function',
-    });
-    const { p, k, m, hash, expand, DST } = options;
-    if (!isHash(options.hash))
-        throw new Error('expected valid hash');
-    abytes(msg);
-    anum(count);
-    const log2p = p.toString(2).length;
-    const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above
-    const len_in_bytes = count * m * L;
-    let prb; // pseudo_random_bytes
-    if (expand === 'xmd') {
-        prb = expand_message_xmd(msg, DST, len_in_bytes, hash);
-    }
-    else if (expand === 'xof') {
-        prb = expand_message_xof(msg, DST, len_in_bytes, k, hash);
-    }
-    else if (expand === '_internal_pass') {
-        // for internal tests only
-        prb = msg;
-    }
-    else {
-        throw new Error('expand must be "xmd" or "xof"');
-    }
-    const u = new Array(count);
-    for (let i = 0; i < count; i++) {
-        const e = new Array(m);
-        for (let j = 0; j < m; j++) {
-            const elm_offset = L * (j + i * m);
-            const tv = prb.subarray(elm_offset, elm_offset + L);
-            e[j] = mod(os2ip(tv), p);
-        }
-        u[i] = e;
-    }
-    return u;
-}
-export function isogenyMap(field, map) {
-    // Make same order as in spec
-    const coeff = map.map((i) => Array.from(i).reverse());
-    return (x, y) => {
-        const [xn, xd, yn, yd] = coeff.map((val) => val.reduce((acc, i) => field.add(field.mul(acc, x), i)));
-        // 6.6.3
-        // Exceptional cases of iso_map are inputs that cause the denominator of
-        // either rational function to evaluate to zero; such cases MUST return
-        // the identity point on E.
-        const [xd_inv, yd_inv] = FpInvertBatch(field, [xd, yd], true);
-        x = field.mul(xn, xd_inv); // xNum / xDen
-        y = field.mul(y, field.mul(yn, yd_inv)); // y * (yNum / yDev)
-        return { x, y };
-    };
-}
-export const _DST_scalar = utf8ToBytes('HashToScalar-');
-/** Creates hash-to-curve methods from EC Point and mapToCurve function. See {@link H2CHasher}. */
-export function createHasher(Point, mapToCurve, defaults) {
-    if (typeof mapToCurve !== 'function')
-        throw new Error('mapToCurve() must be defined');
-    function map(num) {
-        return Point.fromAffine(mapToCurve(num));
-    }
-    function clear(initial) {
-        const P = initial.clearCofactor();
-        if (P.equals(Point.ZERO))
-            return Point.ZERO; // zero will throw in assert
-        P.assertValidity();
-        return P;
-    }
-    return {
-        defaults,
-        hashToCurve(msg, options) {
-            const opts = Object.assign({}, defaults, options);
-            const u = hash_to_field(msg, 2, opts);
-            const u0 = map(u[0]);
-            const u1 = map(u[1]);
-            return clear(u0.add(u1));
-        },
-        encodeToCurve(msg, options) {
-            const optsDst = defaults.encodeDST ? { DST: defaults.encodeDST } : {};
-            const opts = Object.assign({}, defaults, optsDst, options);
-            const u = hash_to_field(msg, 1, opts);
-            const u0 = map(u[0]);
-            return clear(u0);
-        },
-        /** See {@link H2CHasher} */
-        mapToCurve(scalars) {
-            if (!Array.isArray(scalars))
-                throw new Error('expected array of bigints');
-            for (const i of scalars)
-                if (typeof i !== 'bigint')
-                    throw new Error('expected array of bigints');
-            return clear(map(scalars));
-        },
-        // hash_to_scalar can produce 0: https://www.rfc-editor.org/errata/eid8393
-        // RFC 9380, draft-irtf-cfrg-bbs-signatures-08
-        hashToScalar(msg, options) {
-            // @ts-ignore
-            const N = Point.Fn.ORDER;
-            const opts = Object.assign({}, defaults, { p: N, m: 1, DST: _DST_scalar }, options);
-            return hash_to_field(msg, 1, opts)[0][0];
-        },
-    };
-}
-//# sourceMappingURL=hash-to-curve.js.map

package/esm/abstract/hash-to-curve.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"hash-to-curve.js","sourceRoot":"","sources":["../../src/abstract/hash-to-curve.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,eAAe,EACf,MAAM,EACN,eAAe,EACf,WAAW,EACX,OAAO,EACP,MAAM,EACN,WAAW,GACZ,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,aAAa,EAAE,GAAG,EAAe,MAAM,cAAc,CAAC;AA2B/D,6FAA6F;AAC7F,MAAM,KAAK,GAAG,eAAe,CAAC;AAE9B,4CAA4C;AAC5C,SAAS,KAAK,CAAC,KAAa,EAAE,MAAc;IAC1C,IAAI,CAAC,KAAK,CAAC,CAAC;IACZ,IAAI,CAAC,MAAM,CAAC,CAAC;IACb,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,KAAK,CAAC,CAAC;IAC9F,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAa,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QACtB,KAAK,MAAM,CAAC,CAAC;IACf,CAAC;IACD,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,IAAI,CAAC,IAAa;IACzB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;AACtE,CAAC;AAED,SAAS,OAAO,CAAC,GAAmB;IAClC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAClG,OAAO,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;AAC1D,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,GAAmB,EACnB,UAAkB,EAClB,CAAQ;IAER,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,IAAI,CAAC,UAAU,CAAC,CAAC;IACjB,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACnB,uDAAuD;IACvD,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,WAAW,CAAC,mBAAmB,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAClF,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,CAAC;IAC/C,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC/F,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3D,MAAM,CAAC,GAAG,IAAI,KAAK,CAAa,GAAG,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;IACjC,CAAC;IACD,MAAM,mBAAmB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9C,OAAO,mBAAmB,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,GAAmB,EACnB,UAAkB,EAClB,CAAS,EACT,CAAQ;IAER,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,IAAI,CAAC,UAAU,CAAC,CAAC;IACjB,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACnB,uDAAuD;IACvD,oFAAoF;IACpF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;IAC1F,CAAC;IACD,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QACxC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,OAAO,CACL,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;SAC5B,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC7B,2CAA2C;SAC1C,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;SAC5B,MAAM,EAAE,CACZ,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,aAAa,CAAC,GAAe,EAAE,KAAa,EAAE,OAAgB;IAC5E,eAAe,CAAC,OAAO,EAAE;QACvB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,IAAI,EAAE,UAAU;KACjB,CAAC,CAAC;IACH,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAC/C,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAClE,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,IAAI,CAAC,KAAK,CAAC,CAAC;IACZ,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACnC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAC7E,MAAM,YAAY,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,GAAG,CAAC,CAAC,sBAAsB;IAC/B,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACrB,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;IACzD,CAAC;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QAC5B,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;SAAM,IAAI,MAAM,KAAK,gBAAgB,EAAE,CAAC;QACvC,0BAA0B;QAC1B,GAAG,GAAG,GAAG,CAAC;IACZ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/B,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACX,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAID,MAAM,UAAU,UAAU,CAAyB,KAAQ,EAAE,GAAe;IAC1E,6BAA6B;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;QACpB,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACzC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CACxD,CAAC;QACF,QAAQ;QACR,wEAAwE;QACxE,uEAAuE;QACvE,2BAA2B;QAC3B,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,aAAa,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAC9D,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,cAAc;QACzC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC7D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AA0CD,MAAM,CAAC,MAAM,WAAW,GAAe,WAAW,CAAC,eAAe,CAAC,CAAC;AAEpE,kGAAkG;AAClG,MAAM,UAAU,YAAY,CAC1B,KAA6B,EAC7B,UAAyB,EACzB,QAAkD;IAElD,IAAI,OAAO,UAAU,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACtF,SAAS,GAAG,CAAC,GAAa;QACxB,OAAO,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3C,CAAC;IACD,SAAS,KAAK,CAAC,OAAoB;QACjC,MAAM,CAAC,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;QAClC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,4BAA4B;QACzE,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,OAAO,CAAC,CAAC;IACX,CAAC;IAED,OAAO;QACL,QAAQ;QAER,WAAW,CAAC,GAAe,EAAE,OAAsB;YACjD,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;YAClD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,OAAO,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,aAAa,CAAC,GAAe,EAAE,OAAsB;YACnD,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACtE,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAC3D,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,OAAO,KAAK,CAAC,EAAE,CAAC,CAAC;QACnB,CAAC;QACD,4BAA4B;QAC5B,UAAU,CAAC,OAAiB;YAC1B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1E,KAAK,MAAM,CAAC,IAAI,OAAO;gBACrB,IAAI,OAAO,CAAC,KAAK,QAAQ;oBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1E,OAAO,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7B,CAAC;QAED,0EAA0E;QAC1E,8CAA8C;QAC9C,YAAY,CAAC,GAAe,EAAE,OAAsB;YAClD,aAAa;YACb,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;YACzB,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;YACpF,OAAO,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;KACF,CAAC;AACJ,CAAC"}

package/esm/abstract/modular.d.ts

@@ -1,171 +0,0 @@
-export declare function mod(a: bigint, b: bigint): bigint;
-/**
- * Efficiently raise num to power and do modular division.
- * Unsafe in some contexts: uses ladder, so can expose bigint bits.
- * @example
- * pow(2n, 6n, 11n) // 64n % 11n == 9n
- */
-export declare function pow(num: bigint, power: bigint, modulo: bigint): bigint;
-/** Does `x^(2^power)` mod p. `pow2(30, 4)` == `30^(2^4)` */
-export declare function pow2(x: bigint, power: bigint, modulo: bigint): bigint;
-/**
- * Inverses number over modulo.
- * Implemented using [Euclidean GCD](https://brilliant.org/wiki/extended-euclidean-algorithm/).
- */
-export declare function invert(number: bigint, modulo: bigint): bigint;
-/**
- * Tonelli-Shanks square root search algorithm.
- * 1. https://eprint.iacr.org/2012/685.pdf (page 12)
- * 2. Square Roots from 1; 24, 51, 10 to Dan Shanks
- * @param P field order
- * @returns function that takes field Fp (created from P) and number n
- */
-export declare function tonelliShanks(P: bigint): <T>(Fp: IField<T>, n: T) => T;
-/**
- * Square root for a finite field. Will try optimized versions first:
- *
- * 1. P ≡ 3 (mod 4)
- * 2. P ≡ 5 (mod 8)
- * 3. P ≡ 9 (mod 16)
- * 4. Tonelli-Shanks algorithm
- *
- * Different algorithms can give different roots, it is up to user to decide which one they want.
- * For example there is FpSqrtOdd/FpSqrtEven to choice root based on oddness (used for hash-to-curve).
- */
-export declare function FpSqrt(P: bigint): <T>(Fp: IField<T>, n: T) => T;
-export declare const isNegativeLE: (num: bigint, modulo: bigint) => boolean;
-/** Field is not always over prime: for example, Fp2 has ORDER(q)=p^m. */
-export interface IField<T> {
-    ORDER: bigint;
-    isLE: boolean;
-    BYTES: number;
-    BITS: number;
-    MASK: bigint;
-    ZERO: T;
-    ONE: T;
-    create: (num: T) => T;
-    isValid: (num: T) => boolean;
-    is0: (num: T) => boolean;
-    isValidNot0: (num: T) => boolean;
-    neg(num: T): T;
-    inv(num: T): T;
-    sqrt(num: T): T;
-    sqr(num: T): T;
-    eql(lhs: T, rhs: T): boolean;
-    add(lhs: T, rhs: T): T;
-    sub(lhs: T, rhs: T): T;
-    mul(lhs: T, rhs: T | bigint): T;
-    pow(lhs: T, power: bigint): T;
-    div(lhs: T, rhs: T | bigint): T;
-    addN(lhs: T, rhs: T): T;
-    subN(lhs: T, rhs: T): T;
-    mulN(lhs: T, rhs: T | bigint): T;
-    sqrN(num: T): T;
-    isOdd?(num: T): boolean;
-    allowedLengths?: number[];
-    invertBatch: (lst: T[]) => T[];
-    toBytes(num: T): Uint8Array;
-    fromBytes(bytes: Uint8Array, skipValidation?: boolean): T;
-    cmov(a: T, b: T, c: boolean): T;
-}
-export declare function validateField<T>(field: IField<T>): IField<T>;
-/**
- * Same as `pow` but for Fp: non-constant-time.
- * Unsafe in some contexts: uses ladder, so can expose bigint bits.
- */
-export declare function FpPow<T>(Fp: IField<T>, num: T, power: bigint): T;
-/**
- * Efficiently invert an array of Field elements.
- * Exception-free. Will return `undefined` for 0 elements.
- * @param passZero map 0 to 0 (instead of undefined)
- */
-export declare function FpInvertBatch<T>(Fp: IField<T>, nums: T[], passZero?: boolean): T[];
-export declare function FpDiv<T>(Fp: IField<T>, lhs: T, rhs: T | bigint): T;
-/**
- * Legendre symbol.
- * Legendre constant is used to calculate Legendre symbol (a | p)
- * which denotes the value of a^((p-1)/2) (mod p).
- *
- * * (a | p) ≡ 1    if a is a square (mod p), quadratic residue
- * * (a | p) ≡ -1   if a is not a square (mod p), quadratic non residue
- * * (a | p) ≡ 0    if a ≡ 0 (mod p)
- */
-export declare function FpLegendre<T>(Fp: IField<T>, n: T): -1 | 0 | 1;
-export declare function FpIsSquare<T>(Fp: IField<T>, n: T): boolean;
-export type NLength = {
-    nByteLength: number;
-    nBitLength: number;
-};
-export declare function nLength(n: bigint, nBitLength?: number): NLength;
-type FpField = IField<bigint> & Required<Pick<IField<bigint>, 'isOdd'>>;
-type SqrtFn = (n: bigint) => bigint;
-type FieldOpts = Partial<{
-    sqrt: SqrtFn;
-    isLE: boolean;
-    BITS: number;
-    modFromBytes: boolean;
-    allowedLengths?: readonly number[];
-}>;
-/**
- * Creates a finite field. Major performance optimizations:
- * * 1. Denormalized operations like mulN instead of mul.
- * * 2. Identical object shape: never add or remove keys.
- * * 3. `Object.freeze`.
- * Fragile: always run a benchmark on a change.
- * Security note: operations don't check 'isValid' for all elements for performance reasons,
- * it is caller responsibility to check this.
- * This is low-level code, please make sure you know what you're doing.
- *
- * Note about field properties:
- * * CHARACTERISTIC p = prime number, number of elements in main subgroup.
- * * ORDER q = similar to cofactor in curves, may be composite `q = p^m`.
- *
- * @param ORDER field order, probably prime, or could be composite
- * @param bitLen how many bits the field consumes
- * @param isLE (default: false) if encoding / decoding should be in little-endian
- * @param redef optional faster redefinitions of sqrt and other methods
- */
-export declare function Field(ORDER: bigint, bitLenOrOpts?: number | FieldOpts, // TODO: use opts only in v2?
-isLE?: boolean, opts?: {
-    sqrt?: SqrtFn;
-}): Readonly<FpField>;
-export declare function FpSqrtOdd<T>(Fp: IField<T>, elm: T): T;
-export declare function FpSqrtEven<T>(Fp: IField<T>, elm: T): T;
-/**
- * "Constant-time" private key generation utility.
- * Same as mapKeyToField, but accepts less bytes (40 instead of 48 for 32-byte field).
- * Which makes it slightly more biased, less secure.
- * @deprecated use `mapKeyToField` instead
- */
-export declare function hashToPrivateScalar(hash: string | Uint8Array, groupOrder: bigint, isLE?: boolean): bigint;
-/**
- * Returns total number of bytes consumed by the field element.
- * For example, 32 bytes for usual 256-bit weierstrass curve.
- * @param fieldOrder number of field elements, usually CURVE.n
- * @returns byte length of field
- */
-export declare function getFieldBytesLength(fieldOrder: bigint): number;
-/**
- * Returns minimal amount of bytes that can be safely reduced
- * by field order.
- * Should be 2^-128 for 128-bit curve such as P256.
- * @param fieldOrder number of field elements, usually CURVE.n
- * @returns byte length of target hash
- */
-export declare function getMinHashLength(fieldOrder: bigint): number;
-/**
- * "Constant-time" private key generation utility.
- * Can take (n + n/2) or more bytes of uniform input e.g. from CSPRNG or KDF
- * and convert them into private scalar, with the modulo bias being negligible.
- * Needs at least 48 bytes of input for 32-byte private key.
- * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/
- * FIPS 186-5, A.2 https://csrc.nist.gov/publications/detail/fips/186/5/final
- * RFC 9380, https://www.rfc-editor.org/rfc/rfc9380#section-5
- * @param hash hash output from SHA3 or a similar function
- * @param groupOrder size of subgroup - (e.g. secp256k1.CURVE.n)
- * @param isLE interpret hash bytes as LE num
- * @returns valid private scalar
- */
-export declare function mapHashToField(key: Uint8Array, fieldOrder: bigint, isLE?: boolean): Uint8Array;
-export {};
-//# sourceMappingURL=modular.d.ts.map

package/esm/abstract/modular.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"modular.d.ts","sourceRoot":"","sources":["../../src/abstract/modular.ts"],"names":[],"mappings":"AA0BA,wBAAgB,GAAG,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAGhD;AACD;;;;;GAKG;AACH,wBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAEtE;AAED,4DAA4D;AAC5D,wBAAgB,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAOrE;AAED;;;GAGG;AACH,wBAAgB,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAoB7D;AAqDD;;;;;;GAMG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,CAgEtE;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,MAAM,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,CAS/D;AAGD,eAAO,MAAM,YAAY,GAAI,KAAK,MAAM,EAAE,QAAQ,MAAM,KAAG,OACzB,CAAC;AAEnC,yEAAyE;AACzE,MAAM,WAAW,MAAM,CAAC,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,OAAO,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,CAAC,CAAC;IACR,GAAG,EAAE,CAAC,CAAC;IAEP,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;IACtB,OAAO,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,CAAC;IAC7B,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,CAAC;IACzB,WAAW,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,CAAC;IACjC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACf,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAChB,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAEf,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,OAAO,CAAC;IAC7B,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvB,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvB,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IAChC,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAAC;IAC9B,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IAEhC,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAMhB,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,OAAO,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B,WAAW,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC;IAC/B,OAAO,CAAC,GAAG,EAAE,CAAC,GAAG,UAAU,CAAC;IAC5B,SAAS,CAAC,KAAK,EAAE,UAAU,EAAE,cAAc,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC;IAE1D,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC;CACjC;AAOD,wBAAgB,aAAa,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAgB5D;AAID;;;GAGG;AACH,wBAAgB,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,CAAC,CAYhE;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,QAAQ,UAAQ,GAAG,CAAC,EAAE,CAiBhF;AAGD,wBAAgB,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,MAAM,GAAG,CAAC,CAElE;AAED;;;;;;;;GAQG;AACH,wBAAgB,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAU7D;AAGD,wBAAgB,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,OAAO,CAG1D;AAED,MAAM,MAAM,OAAO,GAAG;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAAC;AAElE,wBAAgB,OAAO,CAAC,CAAC,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAM/D;AAED,KAAK,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;AACxE,KAAK,MAAM,GAAG,CAAC,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;AACpC,KAAK,SAAS,GAAG,OAAO,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,OAAO,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,OAAO,CAAC;IACtB,cAAc,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CACpC,CAAC,CAAC;AACH;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,KAAK,CACnB,KAAK,EAAE,MAAM,EACb,YAAY,CAAC,EAAE,MAAM,GAAG,SAAS,EAAE,6BAA6B;AAChE,IAAI,UAAQ,EACZ,IAAI,GAAE;IAAE,IAAI,CAAC,EAAE,MAAM,CAAA;CAAO,GAC3B,QAAQ,CAAC,OAAO,CAAC,CA6FnB;AAgBD,wBAAgB,SAAS,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAIrD;AAED,wBAAgB,UAAU,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAItD;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,MAAM,GAAG,UAAU,EACzB,UAAU,EAAE,MAAM,EAClB,IAAI,UAAQ,GACX,MAAM,CAUR;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAI9D;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAG3D;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,UAAQ,GAAG,UAAU,CAW5F"}