@noble/post-quantum 0.2.0 → 0.3.0

package/src/ml-kem.ts

@@ -1,3 +1,24 @@
+/**
+ * Module Lattice-based Key Encapsulation Mechanism (ML-KEM). A.k.a. CRYSTALS-Kyber.
+ * FIPS-203 is implemented.
+ *
+ * Key encapsulation is similar to DH / ECDH (think X25519), with important differences:
+ * * Unlike in ECDH, we can't verify if it was "Bob" who've sent the shared secret
+ * * Unlike ECDH, it is probabalistic and relies on quality of randomness (CSPRNG).
+ * * Decapsulation never throws an error, even when shared secret was
+ *   encrypted by a different public key. It will just return a different shared secret.
+ *
+ * There are some concerns with regards to security: see
+ * [djb blog](https://blog.cr.yp.to/20231003-countcorrectly.html) and
+ * [mailing list](https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/W2VOzy0wz_E).
+ *
+ * Has similar internals to ML-DSA, but their keys and params are different.
+ *
+ * Check out [official site](https://www.pq-crystals.org/kyber/resources.shtml),
+ * [repo](https://github.com/pq-crystals/kyber),
+ * [spec](https://datatracker.ietf.org/doc/draft-cfrg-schwabe-kyber/).
+ * @module
+ */
 /*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */
 import { sha3_256, sha3_512, shake256 } from '@noble/hashes/sha3';
 import { u32, wrapConstructor, wrapConstructorWithOpts } from '@noble/hashes/utils';
@@ -12,27 +33,23 @@ import {
   vecCoder,
 } from './utils.js';
 
-/*
-Lattice-based key encapsulation mechanism.
-See [official site](https://www.pq-crystals.org/kyber/resources.shtml),
-[repo](https://github.com/pq-crystals/kyber),
-[spec](https://datatracker.ietf.org/doc/draft-cfrg-schwabe-kyber/).
-
-Key encapsulation is similar to DH / ECDH (think X25519), with important differences:
-
-- We can't verify if it was "Bob" who've sent the shared secret.
-  In ECDH, it's always verified
-- Kyber is probabalistic and relies on quality of randomness (CSPRNG).
-  ECDH doesn't (to this extent).
-- Kyber decapsulation never throws an error, even when shared secret was
-  encrypted by a different public key. It will just return a different
-  shared secret
-
-There are some concerns with regards to security: see
-[djb blog](https://blog.cr.yp.to/20231003-countcorrectly.html) and
-[mailing list](https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/W2VOzy0wz_E).
-
-*/
+/** Key encapsulation mechanism interface */
+export type KEM = {
+  publicKeyLen: number;
+  msgLen: number;
+  keygen: (seed?: Uint8Array) => {
+    publicKey: Uint8Array;
+    secretKey: Uint8Array;
+  };
+  encapsulate: (
+    publicKey: Uint8Array,
+    msg?: Uint8Array
+  ) => {
+    cipherText: Uint8Array;
+    sharedSecret: Uint8Array;
+  };
+  decapsulate: (cipherText: Uint8Array, secretKey: Uint8Array) => Uint8Array;
+};
 
 const N = 256; // Kyber (not FIPS-203) supports different lengths, but all std modes were using 256
 const Q = 3329; // 13*(2**8)+1, modulo prime
@@ -48,8 +65,8 @@ const { mod, nttZetas, NTT, bitsCoder } = genCrystals({
   isKyber: true,
 });
 
-// FIPS 203: 7. Parameter Sets
-type ParameterSet = {
+/** FIPS 203: 7. Parameter Sets */
+export type KEMParam = {
   N: number;
   K: number;
   Q: number;
@@ -59,8 +76,9 @@ type ParameterSet = {
   dv: number;
   RBGstrength: number;
 };
+/** Internal params of ML-KEM versions */
 // prettier-ignore
-export const PARAMS: Record<string, ParameterSet> = {
+export const PARAMS: Record<string, KEMParam> = {
   512: { N, Q, K: 2, ETA1: 3, ETA2: 2, du: 10, dv: 4, RBGstrength: 128 },
   768: { N, Q, K: 3, ETA1: 2, ETA2: 2, du: 10, dv: 4, RBGstrength: 192 },
   1024:{ N, Q, K: 4, ETA1: 2, ETA2: 2, du: 11, dv: 5, RBGstrength: 256 },
@@ -123,7 +141,7 @@ type Hash = ReturnType<typeof wrapConstructor>;
 type HashWOpts = ReturnType<typeof wrapConstructorWithOpts>;
 type XofGet = ReturnType<ReturnType<XOF>['get']>;
 
-type KyberOpts = ParameterSet & {
+type KyberOpts = KEMParam & {
   HASH256: Hash;
   HASH512: Hash;
   KDF: Hash | HashWOpts;
@@ -327,18 +345,20 @@ const opts = {
   PRF: shakePRF,
 };
 
-/**
- * FIPS-203 ML-KEM.
- */
-export const ml_kem512 = /* @__PURE__ */ createKyber({
+/** ML-KEM-512 for 128-bit security level. As per ASD, not recommended after 2030. */
+export const ml_kem512: KEM = /* @__PURE__ */ createKyber({
   ...opts,
   ...PARAMS[512],
 });
-export const ml_kem768 = /* @__PURE__ */ createKyber({
+
+/** ML-KEM-768, for 192-bit security level. As per ASD, not recommended after 2030. */
+export const ml_kem768: KEM = /* @__PURE__ */ createKyber({
   ...opts,
   ...PARAMS[768],
 });
-export const ml_kem1024 = /* @__PURE__ */ createKyber({
+
+/** ML-KEM-1024 for 256-bit security level. As per ASD, OK after 2030. */
+export const ml_kem1024: KEM = /* @__PURE__ */ createKyber({
   ...opts,
   ...PARAMS[1024],
 });

package/src/slh-dsa.ts

@@ -1,3 +1,31 @@
+/**
+ * StateLess Hash-based Digital Signature Standard (SLH-DSA). A.k.a. Sphincs+.
+ * FIPS-205 (spec v3.1) is implemented.
+ *
+ * There are many different kinds of SLH, but basically `sha2` / `shake` indicate internal hash,
+ * `128` / `192` / `256` indicate security level, and `s` /`f` indicate trade-off (Small / Fast).
+ *
+ * Hashes function similarly to signatures. You hash a private key to get a public key,
+ * which can be used to verify the private key. However, this only works once since
+ * disclosing the pre-image invalidates the key.
+ *
+ * To address the "one-time" limitation, we can use a Merkle tree root hash:
+ * h(h(h(0) || h(1)) || h(h(2) || h(3))))
+ *
+ * This allows us to have the same public key output from the hash, but disclosing one
+ * path in the tree doesn't invalidate the others. By choosing a path related to the
+ * message, we can "sign" it.
+ *
+ * Limitation: Only a fixed number of signatures can be made. For instance, a Merkle tree
+ * with depth 8 allows 256 distinct messages. Using different trees for each node can
+ * prevent forgeries, but the key will still degrade over time.
+ *
+ * WOTS: One-time signatures (can be forged if same key used twice).
+ * FORS: Forest of Random Subsets
+ *
+ * Check out [official site](https://sphincs.org) & [repo](https://github.com/sphincs/sphincsplus).
+ * @module
+ */
 /*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */
 import { HMAC } from '@noble/hashes/hmac';
 import { sha256, sha512 } from '@noble/hashes/sha2';
@@ -14,35 +42,6 @@ import {
   vecCoder,
 } from './utils.js';
 
-/*
-Hash-based digital signature algorithm. See [official site](https://sphincs.org).
-We implement spec v3.1 with latest FIPS-205 changes.
-It's compatible with the latest version in the [official repo](https://github.com/sphincs/sphincsplus).
-
-*/
-
-/*
-WOTS: One-time signatures (can be forged if same key used twice)
-FORS: Forest of Random Subsets
-
-Hashes are like signatures. You take private key, hash it, and share the result pubKey.
-After that you can verify it was yours by also sharing the private key.
-However, it will only work once: after pre-image was disclosed, it can't be used again.
-It also doesn't sign the message: can be interceptd and message can be replaced.
-
-How to solve "one-time" hashing? Instead of hash(k), we can provide merkle tree root hash:
-
-    h(h(h(0) || h(1)) || h(h(2) || h(3))))
-
-Now, we have the same pubKey output of hash, but disclosing one path in tree doesn't
-invalidate the others, since they are still unknown. By choosing path which is related
-to the message, we can "sign" it.
-
-There is a limitation: only a fixed amount of signatures can be made,
-a merkle tree with depth: 8 would mean 2**8 (256) paths aka 256 distinct messages.
-Attaching a different tree to each node will solve forgeries, but the key would still degrade.
-*/
-
 /**
  * * N: Security parameter (in bytes). W: Winternitz parameter
  * * H: Hypertree height. D: Hypertree layers
@@ -62,6 +61,7 @@ export type SphincsHashOpts = {
   getContext: GetContext;
 };
 
+/** Winternitz signature params. */
 export const PARAMS: Record<string, SphincsOpts> = {
   '128f': { W: 16, N: 16, H: 66, D: 22, K: 33, A: 6 },
   '128s': { W: 16, N: 16, H: 63, D: 7, K: 14, A: 12 },
@@ -81,9 +81,10 @@ const enum AddressType {
   FORSPRF,
 }
 
+/** Address, byte array of size ADDR_BYTES */
 export type ADRS = Uint8Array;
 
-type Context = {
+export type Context = {
   PRFaddr: (addr: ADRS) => Uint8Array;
   PRFmsg: (skPRF: Uint8Array, random: Uint8Array, msg: Uint8Array) => Uint8Array;
   Hmsg: (R: Uint8Array, pk: Uint8Array, m: Uint8Array, outLen: number) => Uint8Array;
@@ -97,8 +98,7 @@ export type GetContext = (
 
 function hexToNumber(hex: string): bigint {
   if (typeof hex !== 'string') throw new Error('hex string expected, got ' + typeof hex);
-  // Big Endian
-  return BigInt(hex === '' ? '0' : `0x${hex}`);
+  return BigInt(hex === '' ? '0' : '0x' + hex); // Big Endian
 }
 
 // BE: Big Endian, LE: Little Endian
@@ -131,7 +131,7 @@ function getMaskBig(bits: number) {
   return (1n << BigInt(bits)) - 1n; // 4 -> 0b1111
 }
 
-type SphincsSigner = Signer & { seedLen: number };
+export type SphincsSigner = Signer & { seedLen: number };
 
 function gen(opts: SphincsOpts, hashOpts: SphincsHashOpts): SphincsSigner {
   const { N, W, H, D, K, A } = opts;
@@ -563,13 +563,18 @@ const genShake =
 
 const SHAKE_SIMPLE = { getContext: genShake() };
 
-// Only simple mode in SLH-DSA
-export const slh_dsa_shake_128f = /* @__PURE__ */ gen(PARAMS['128f'], SHAKE_SIMPLE);
-export const slh_dsa_shake_128s = /* @__PURE__ */ gen(PARAMS['128s'], SHAKE_SIMPLE);
-export const slh_dsa_shake_192f = /* @__PURE__ */ gen(PARAMS['192f'], SHAKE_SIMPLE);
-export const slh_dsa_shake_192s = /* @__PURE__ */ gen(PARAMS['192s'], SHAKE_SIMPLE);
-export const slh_dsa_shake_256f = /* @__PURE__ */ gen(PARAMS['256f'], SHAKE_SIMPLE);
-export const slh_dsa_shake_256s = /* @__PURE__ */ gen(PARAMS['256s'], SHAKE_SIMPLE);
+/** SLH-DSA: 128-bit fast SHAKE version. */
+export const slh_dsa_shake_128f: SphincsSigner = /* @__PURE__ */ gen(PARAMS['128f'], SHAKE_SIMPLE);
+/** SLH-DSA: 128-bit short SHAKE version. */
+export const slh_dsa_shake_128s: SphincsSigner = /* @__PURE__ */ gen(PARAMS['128s'], SHAKE_SIMPLE);
+/** SLH-DSA: 192-bit fast SHAKE version. */
+export const slh_dsa_shake_192f: SphincsSigner = /* @__PURE__ */ gen(PARAMS['192f'], SHAKE_SIMPLE);
+/** SLH-DSA: 192-bit short SHAKE version. */
+export const slh_dsa_shake_192s: SphincsSigner = /* @__PURE__ */ gen(PARAMS['192s'], SHAKE_SIMPLE);
+/** SLH-DSA: 256-bit fast SHAKE version. */
+export const slh_dsa_shake_256f: SphincsSigner = /* @__PURE__ */ gen(PARAMS['256f'], SHAKE_SIMPLE);
+/** SLH-DSA: 256-bit short SHAKE version. */
+export const slh_dsa_shake_256s: SphincsSigner = /* @__PURE__ */ gen(PARAMS['256s'], SHAKE_SIMPLE);
 
 type ShaType = typeof sha256 | typeof sha512;
 const genSha =
@@ -669,10 +674,15 @@ const SHA512_SIMPLE = {
   getContext: genSha(sha256, sha512),
 };
 
-// Only simple mode in SLH-DSA
-export const slh_dsa_sha2_128f = /* @__PURE__ */ gen(PARAMS['128f'], SHA256_SIMPLE);
-export const slh_dsa_sha2_128s = /* @__PURE__ */ gen(PARAMS['128s'], SHA256_SIMPLE);
-export const slh_dsa_sha2_192f = /* @__PURE__ */ gen(PARAMS['192f'], SHA512_SIMPLE);
-export const slh_dsa_sha2_192s = /* @__PURE__ */ gen(PARAMS['192s'], SHA512_SIMPLE);
-export const slh_dsa_sha2_256f = /* @__PURE__ */ gen(PARAMS['256f'], SHA512_SIMPLE);
-export const slh_dsa_sha2_256s = /* @__PURE__ */ gen(PARAMS['256s'], SHA512_SIMPLE);
+/** SLH-DSA: 128-bit fast SHA2 version. */
+export const slh_dsa_sha2_128f: SphincsSigner = /* @__PURE__ */ gen(PARAMS['128f'], SHA256_SIMPLE);
+/** SLH-DSA: 128-bit small SHA2 version. */
+export const slh_dsa_sha2_128s: SphincsSigner = /* @__PURE__ */ gen(PARAMS['128s'], SHA256_SIMPLE);
+/** SLH-DSA: 192-bit fast SHA2 version. */
+export const slh_dsa_sha2_192f: SphincsSigner = /* @__PURE__ */ gen(PARAMS['192f'], SHA512_SIMPLE);
+/** SLH-DSA: 192-bit small SHA2 version. */
+export const slh_dsa_sha2_192s: SphincsSigner = /* @__PURE__ */ gen(PARAMS['192s'], SHA512_SIMPLE);
+/** SLH-DSA: 256-bit fast SHA2 version. */
+export const slh_dsa_sha2_256f: SphincsSigner = /* @__PURE__ */ gen(PARAMS['256f'], SHA512_SIMPLE);
+/** SLH-DSA: 256-bit small SHA2 version. */
+export const slh_dsa_sha2_256s: SphincsSigner = /* @__PURE__ */ gen(PARAMS['256s'], SHA512_SIMPLE);

package/src/utils.ts

@@ -1,12 +1,17 @@
+/**
+ * Utilities for hex, bytearray and number handling.
+ * @module
+ */
 /*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */
-import { bytes as abytes } from '@noble/hashes/_assert';
-import { TypedArray, randomBytes as randb } from '@noble/hashes/utils';
+import { abytes } from '@noble/hashes/_assert';
+import { TypedArray, concatBytes, utf8ToBytes, randomBytes as randb } from '@noble/hashes/utils';
 
-export const ensureBytes = abytes;
-export const randomBytes = randb;
+export const ensureBytes: typeof abytes = abytes;
+export const randomBytes: typeof randb = randb;
+export { concatBytes, utf8ToBytes };
 
 // Compares 2 u8a-s in kinda constant time
-export function equalBytes(a: Uint8Array, b: Uint8Array) {
+export function equalBytes(a: Uint8Array, b: Uint8Array): boolean {
   if (a.length !== b.length) return false;
   let diff = 0;
   for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
@@ -101,13 +106,13 @@ export function vecCoder<T>(c: BytesCoderLen<T>, vecLen: number): BytesCoderLen<
 }
 
 // cleanBytes(new Uint8Array(), [new Uint16Array(), new Uint32Array()])
-export function cleanBytes(...list: (TypedArray | TypedArray[])[]) {
+export function cleanBytes(...list: (TypedArray | TypedArray[])[]): void {
   for (const t of list) {
     if (Array.isArray(t)) for (const b of t) b.fill(0);
     else t.fill(0);
   }
 }
 
-export function getMask(bits: number) {
+export function getMask(bits: number): number {
   return (1 << bits) - 1; // 4 -> 0b1111
 }

package/utils.d.ts

@@ -1,8 +1,13 @@
+/**
+ * Utilities for hex, bytearray and number handling.
+ * @module
+ */
 /*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */
-import { bytes as abytes } from '@noble/hashes/_assert';
-import { TypedArray, randomBytes as randb } from '@noble/hashes/utils';
+import { abytes } from '@noble/hashes/_assert';
+import { TypedArray, concatBytes, utf8ToBytes, randomBytes as randb } from '@noble/hashes/utils';
 export declare const ensureBytes: typeof abytes;
 export declare const randomBytes: typeof randb;
+export { concatBytes, utf8ToBytes };
 export declare function equalBytes(a: Uint8Array, b: Uint8Array): boolean;
 export type Signer = {
     signRandBytes: number;
@@ -34,5 +39,4 @@ export declare function splitCoder<T extends (number | BytesCoderLen<any>)[]>(..
 export declare function vecCoder<T>(c: BytesCoderLen<T>, vecLen: number): BytesCoderLen<T[]>;
 export declare function cleanBytes(...list: (TypedArray | TypedArray[])[]): void;
 export declare function getMask(bits: number): number;
-export {};
 //# sourceMappingURL=utils.d.ts.map

package/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["src/utils.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,OAAO,EAAE,KAAK,IAAI,MAAM,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,WAAW,IAAI,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAEvE,eAAO,MAAM,WAAW,eAAS,CAAC;AAClC,eAAO,MAAM,WAAW,cAAQ,CAAC;AAGjC,wBAAgB,UAAU,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,WAKtD;AAED,MAAM,MAAM,MAAM,GAAG;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,CAAC,IAAI,EAAE,UAAU,KAAK;QAC5B,SAAS,EAAE,UAAU,CAAC;QACtB,SAAS,EAAE,UAAU,CAAC;KACvB,CAAC;IACF,IAAI,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,CAAC,EAAE,UAAU,KAAK,UAAU,CAAC;IAClF,MAAM,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,KAAK,OAAO,CAAC;CAC9E,CAAC;AAEF,MAAM,WAAW,KAAK,CAAC,CAAC,EAAE,CAAC;IACzB,MAAM,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC;IACnB,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;CAClB;AAED,MAAM,WAAW,UAAU,CAAC,CAAC,CAAE,SAAQ,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC;IACzD,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,UAAU,CAAC;IAChC,MAAM,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,CAAC,CAAC;CAClC;AAED,MAAM,MAAM,aAAa,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC;AAGpE,KAAK,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,UAAU,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;AAC5D,KAAK,QAAQ,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI;KACxD,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,MAAM,GAAG,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;CACjE,CAAC;AACF,wBAAgB,UAAU,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,EAClE,GAAG,OAAO,EAAE,CAAC,GACZ,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,CA8BhD;AAED,wBAAgB,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,EAAE,CAAC,CAwBnF;AAGD,wBAAgB,UAAU,CAAC,GAAG,IAAI,EAAE,CAAC,UAAU,GAAG,UAAU,EAAE,CAAC,EAAE,QAKhE;AAED,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,UAEnC"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["src/utils.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,4EAA4E;AAC5E,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,IAAI,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAEjG,eAAO,MAAM,WAAW,EAAE,OAAO,MAAe,CAAC;AACjD,eAAO,MAAM,WAAW,EAAE,OAAO,KAAa,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC;AAGpC,wBAAgB,UAAU,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,GAAG,OAAO,CAKhE;AAED,MAAM,MAAM,MAAM,GAAG;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,CAAC,IAAI,EAAE,UAAU,KAAK;QAC5B,SAAS,EAAE,UAAU,CAAC;QACtB,SAAS,EAAE,UAAU,CAAC;KACvB,CAAC;IACF,IAAI,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,CAAC,EAAE,UAAU,KAAK,UAAU,CAAC;IAClF,MAAM,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,KAAK,OAAO,CAAC;CAC9E,CAAC;AAEF,MAAM,WAAW,KAAK,CAAC,CAAC,EAAE,CAAC;IACzB,MAAM,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC;IACnB,MAAM,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;CAClB;AAED,MAAM,WAAW,UAAU,CAAC,CAAC,CAAE,SAAQ,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC;IACzD,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,UAAU,CAAC;IAChC,MAAM,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,CAAC,CAAC;CAClC;AAED,MAAM,MAAM,aAAa,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC;AAGpE,KAAK,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,UAAU,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;AAC5D,KAAK,QAAQ,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI;KACxD,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,MAAM,GAAG,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;CACjE,CAAC;AACF,wBAAgB,UAAU,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,EAClE,GAAG,OAAO,EAAE,CAAC,GACZ,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAA;CAAE,CA8BhD;AAED,wBAAgB,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC,EAAE,CAAC,CAwBnF;AAGD,wBAAgB,UAAU,CAAC,GAAG,IAAI,EAAE,CAAC,UAAU,GAAG,UAAU,EAAE,CAAC,EAAE,GAAG,IAAI,CAKvE;AAED,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAE5C"}

package/utils.js

@@ -1,15 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.randomBytes = exports.ensureBytes = void 0;
+exports.utf8ToBytes = exports.concatBytes = exports.randomBytes = exports.ensureBytes = void 0;
 exports.equalBytes = equalBytes;
 exports.splitCoder = splitCoder;
 exports.vecCoder = vecCoder;
 exports.cleanBytes = cleanBytes;
 exports.getMask = getMask;
+/**
+ * Utilities for hex, bytearray and number handling.
+ * @module
+ */
 /*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */
 const _assert_1 = require("@noble/hashes/_assert");
 const utils_1 = require("@noble/hashes/utils");
-exports.ensureBytes = _assert_1.bytes;
+Object.defineProperty(exports, "concatBytes", { enumerable: true, get: function () { return utils_1.concatBytes; } });
+Object.defineProperty(exports, "utf8ToBytes", { enumerable: true, get: function () { return utils_1.utf8ToBytes; } });
+exports.ensureBytes = _assert_1.abytes;
 exports.randomBytes = utils_1.randomBytes;
 // Compares 2 u8a-s in kinda constant time
 function equalBytes(a, b) {

package/utils.js.map

@@ -1 +1 @@
-{"version":3,"file":"utils.js","sourceRoot":"","sources":["src/utils.ts"],"names":[],"mappings":";;;AAQA,gCAKC;AA6BD,gCAgCC;AAED,4BAwBC;AAGD,gCAKC;AAED,0BAEC;AAhHD,4EAA4E;AAC5E,mDAAwD;AACxD,+CAAuE;AAE1D,QAAA,WAAW,GAAG,eAAM,CAAC;AACrB,QAAA,WAAW,GAAG,mBAAK,CAAC;AAEjC,0CAA0C;AAC1C,SAAgB,UAAU,CAAC,CAAa,EAAE,CAAa;IACrD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AA6BD,SAAgB,UAAU,CACxB,GAAG,OAAU;IAEb,MAAM,SAAS,GAAG,CAAC,CAA8B,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC/F,MAAM,QAAQ,GAAW,OAAO,CAAC,MAAM,CAAC,CAAC,GAAW,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnF,OAAO;QACL,QAAQ;QACR,MAAM,EAAE,CAAC,IAAO,EAAE,EAAE;YAClB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;YACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACjD,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;gBACrB,MAAM,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;gBACvB,MAAM,CAAC,GAAe,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;gBACnF,IAAA,mBAAW,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAClB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBAChB,IAAI,OAAO,CAAC,KAAK,QAAQ;oBAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;gBAC9C,GAAG,IAAI,CAAC,CAAC;YACX,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QACD,MAAM,EAAE,CAAC,GAAe,EAAE,EAAE;YAC1B,IAAA,mBAAW,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,EAAE,CAAC;YACf,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;gBACxB,MAAM,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;gBACvB,MAAM,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC7B,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClD,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YACxB,CAAC;YACD,OAAO,GAAkB,CAAC;QAC5B,CAAC;KACK,CAAC;AACX,CAAC;AACD,iCAAiC;AACjC,SAAgB,QAAQ,CAAI,CAAmB,EAAE,MAAc;IAC7D,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,CAAC,QAAQ,CAAC;IACrC,OAAO;QACL,QAAQ;QACR,MAAM,EAAE,CAAC,CAAM,EAAc,EAAE;YAC7B,IAAI,CAAC,CAAC,MAAM,KAAK,MAAM;gBACrB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,MAAM,eAAe,MAAM,EAAE,CAAC,CAAC;YACpF,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;YACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBAChB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;gBACnB,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;YAClB,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QACD,MAAM,EAAE,CAAC,CAAa,EAAO,EAAE;YAC7B,IAAA,mBAAW,EAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;YACzB,MAAM,CAAC,GAAQ,EAAE,CAAC;YAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,QAAQ;gBAC3C,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAClD,OAAO,CAAC,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC;AAED,uEAAuE;AACvE,SAAgB,UAAU,CAAC,GAAG,IAAmC;IAC/D,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;YAAE,KAAK,MAAM,CAAC,IAAI,CAAC;gBAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;;YAC9C,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAgB,OAAO,CAAC,IAAY;IAClC,OAAO,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;AACxC,CAAC"}
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["src/utils.ts"],"names":[],"mappings":";;;AAaA,gCAKC;AA6BD,gCAgCC;AAED,4BAwBC;AAGD,gCAKC;AAED,0BAEC;AArHD;;;GAGG;AACH,4EAA4E;AAC5E,mDAA+C;AAC/C,+CAAiG;AAIxF,4FAJY,mBAAW,OAIZ;AAAE,4FAJY,mBAAW,OAIZ;AAFpB,QAAA,WAAW,GAAkB,gBAAM,CAAC;AACpC,QAAA,WAAW,GAAiB,mBAAK,CAAC;AAG/C,0CAA0C;AAC1C,SAAgB,UAAU,CAAC,CAAa,EAAE,CAAa;IACrD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AA6BD,SAAgB,UAAU,CACxB,GAAG,OAAU;IAEb,MAAM,SAAS,GAAG,CAAC,CAA8B,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC/F,MAAM,QAAQ,GAAW,OAAO,CAAC,MAAM,CAAC,CAAC,GAAW,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnF,OAAO;QACL,QAAQ;QACR,MAAM,EAAE,CAAC,IAAO,EAAE,EAAE;YAClB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;YACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACjD,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;gBACrB,MAAM,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;gBACvB,MAAM,CAAC,GAAe,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;gBACnF,IAAA,mBAAW,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAClB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBAChB,IAAI,OAAO,CAAC,KAAK,QAAQ;oBAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;gBAC9C,GAAG,IAAI,CAAC,CAAC;YACX,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QACD,MAAM,EAAE,CAAC,GAAe,EAAE,EAAE;YAC1B,IAAA,mBAAW,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC3B,MAAM,GAAG,GAAG,EAAE,CAAC;YACf,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;gBACxB,MAAM,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;gBACvB,MAAM,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC7B,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClD,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YACxB,CAAC;YACD,OAAO,GAAkB,CAAC;QAC5B,CAAC;KACK,CAAC;AACX,CAAC;AACD,iCAAiC;AACjC,SAAgB,QAAQ,CAAI,CAAmB,EAAE,MAAc;IAC7D,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,CAAC,QAAQ,CAAC;IACrC,OAAO;QACL,QAAQ;QACR,MAAM,EAAE,CAAC,CAAM,EAAc,EAAE;YAC7B,IAAI,CAAC,CAAC,MAAM,KAAK,MAAM;gBACrB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,MAAM,eAAe,MAAM,EAAE,CAAC,CAAC;YACpF,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;YACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBAChB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ;gBACnB,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC;YAClB,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QACD,MAAM,EAAE,CAAC,CAAa,EAAO,EAAE;YAC7B,IAAA,mBAAW,EAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;YACzB,MAAM,CAAC,GAAQ,EAAE,CAAC;YAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,QAAQ;gBAC3C,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAClD,OAAO,CAAC,CAAC;QACX,CAAC;KACF,CAAC;AACJ,CAAC;AAED,uEAAuE;AACvE,SAAgB,UAAU,CAAC,GAAG,IAAmC;IAC/D,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;YAAE,KAAK,MAAM,CAAC,IAAI,CAAC;gBAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;;YAC9C,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAgB,OAAO,CAAC,IAAY;IAClC,OAAO,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc;AACxC,CAAC"}