npm - @session.js/blinded-session-id - Versions diffs - 1.0.6 → 1.0.7 - Mend

@session.js/blinded-session-id 1.0.6 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md CHANGED Viewed

@@ -167,10 +167,7 @@ getBlindingK(sogsPublicKey);
 ## Acknowledgements
-Credit to li0ard for [https://github.com/theinfinityway/session_id/](https://github.com/theinfinityway/session_id/) (MIT license)
-Credit to [xHD-Wallet-API-ts](https://github.com/algorandfoundation/xHD-Wallet-API-ts) for scalar multiplication functions implementations (Apache-2.0 license)
+Credit to li0ard for [https://github.com/theinfinityway/session_id/](https://github.com/theinfinityway/session_id/) (MIT license) and src/scalar-math.ts
 ## Made for Session.js
 Use Session messenger programmatically with [Session.js](https://git.hloth.dev/session.js/client): Session bots, custom Session clients, and more.

package/dist/blinding.js CHANGED Viewed

@@ -1,17 +1,17 @@
 import { hexToBytes } from "@noble/curves/utils.js";
 import { SessionValidationError, SessionValidationErrorCode } from "@session.js/errors";
-import { crypto_scalarmult_ed25519_noclamp, crypto_sign_curve25519_pk_to_ed25519, } from "./scalar-math";
+import { multiplyPointToScalar, curve25519ToEd25519, ed25519ToCurve25519 } from "./scalar-math";
 import { getBlindingK, hexRegex, keyToSessionId } from "./utils";
 export function blindKey15({ ed25519PublicKey, serverPublicKey, }) {
     const blindingKInput = serverPublicKey;
     const k = getBlindingK(blindingKInput);
-    const kA = crypto_scalarmult_ed25519_noclamp(k, ed25519PublicKey);
+    const kA = multiplyPointToScalar(k, ed25519PublicKey);
     return kA;
 }
 export function blindKey25({ x25519PublicKey, ed25519PublicKey, serverPublicKey, }) {
     const blindingKInput = new Uint8Array([0x05, ...x25519PublicKey, ...serverPublicKey]);
     const k = getBlindingK(blindingKInput);
-    const kA = crypto_scalarmult_ed25519_noclamp(k, ed25519PublicKey);
+    const kA = multiplyPointToScalar(k, ed25519PublicKey);
     return kA;
 }
 export function blindSessionId(options) {
@@ -26,7 +26,7 @@ export function blindSessionId(options) {
             });
         }
         ed25519PublicKey = options.ed25519PublicKey;
-        x25519PublicKey = crypto_sign_curve25519_pk_to_ed25519(ed25519PublicKey);
+        x25519PublicKey = ed25519ToCurve25519(ed25519PublicKey);
     }
     else {
         if ("sessionId" in options) {
@@ -60,7 +60,7 @@ export function blindSessionId(options) {
             }
             x25519PublicKey = options.x25519PublicKey;
         }
-        ed25519PublicKey = crypto_sign_curve25519_pk_to_ed25519(x25519PublicKey);
+        ed25519PublicKey = curve25519ToEd25519(x25519PublicKey);
     }
     if (typeof options.sogsPublicKey === "string") {
         if (!hexRegex.test(options.sogsPublicKey) || options.sogsPublicKey.length % 2 !== 0) {

package/dist/scalar-math.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
-export declare function crypto_scalarmult_ed25519_base_noclamp(scalar: Uint8Array): Uint8Array;
-export declare function crypto_core_ed25519_scalar_add(scalarA: Uint8Array, scalarB: Uint8Array): Uint8Array;
-export declare function crypto_core_ed25519_scalar_mul(scalarA: Uint8Array, scalarB: Uint8Array): Uint8Array;
-export declare function crypto_core_ed25519_scalar_reduce(scalar: Uint8Array): Uint8Array;
-export declare function crypto_sign_ed25519_sk_to_curve25519(edPrivKey: Uint8Array): Uint8Array;
-export declare function crypto_sign_curve25519_pk_to_ed25519(x25519Pk: Uint8Array): Uint8Array;
-export declare function crypto_scalarmult_ed25519_noclamp(scalar32: Uint8Array, point32: Uint8Array): Uint8Array;
+export declare function scalarAdd(scalarA: Uint8Array, scalarB: Uint8Array): Uint8Array;
+export declare function scalarMul(scalarA: Uint8Array, scalarB: Uint8Array): Uint8Array;
+export declare function scalarReduce(scalar: Uint8Array): Uint8Array;
+export declare function invertScalar(scalar: Uint8Array): Uint8Array;
+export declare function multiplyPointToScalar(scalar: Uint8Array, point: Uint8Array): Uint8Array;
+export declare function ed25519ToCurve25519(ed25519Pk: Uint8Array): Uint8Array;
+export declare function curve25519ToEd25519(x25519Pk: Uint8Array): Uint8Array;

package/dist/scalar-math.js CHANGED Viewed

@@ -1,95 +1,43 @@
-// Credit: https://github.com/algorandfoundation/xHD-Wallet-API-ts/blob/2c5afbf6a1bed04ed952b65b754a36ed31669872/src/sumo.facade.ts
-// License: Apache 2.0: https://github.com/algorandfoundation/xHD-Wallet-API-ts/blob/main/LICENSE
 import { ed25519 } from "@noble/curves/ed25519.js";
 import { mod } from "@noble/curves/abstract/modular.js";
 import { bytesToNumberLE, numberToBytesLE } from "@noble/curves/utils.js";
-const crypto_scalarmult_ed25519_SCALARBYTES = 32;
-export function crypto_scalarmult_ed25519_base_noclamp(scalar) {
-    if (scalar.length !== crypto_scalarmult_ed25519_SCALARBYTES) {
-        throw new Error(`scalar must be ${crypto_scalarmult_ed25519_SCALARBYTES} bytes`);
-    }
-    const scalarBigint = bytesToNumberLE(scalar);
-    try {
-        const point = ed25519.Point.BASE.multiply(scalarBigint);
-        return point.toBytes();
-    }
-    catch {
-        if (scalarBigint === 0n) {
-            const identity = new Uint8Array(32);
-            identity[0] = 1;
-            return identity;
-        }
-        const reducedScalar = mod(scalarBigint, ed25519.Point.Fn.ORDER);
-        if (reducedScalar === 0n) {
-            const identity = new Uint8Array(32);
-            identity[0] = 1;
-            return identity;
-        }
-        const point = ed25519.Point.BASE.multiply(reducedScalar);
-        return point.toBytes();
-    }
-}
-export function crypto_core_ed25519_scalar_add(scalarA, scalarB) {
+export function scalarAdd(scalarA, scalarB) {
     const a = bytesToNumberLE(scalarA);
     const b = bytesToNumberLE(scalarB);
-    const result = mod(a + b, ed25519.Point.Fn.ORDER);
+    const result = ed25519.Point.Fn.add(a, b);
     return numberToBytesLE(result, 32);
 }
-export function crypto_core_ed25519_scalar_mul(scalarA, scalarB) {
+export function scalarMul(scalarA, scalarB) {
     const a = bytesToNumberLE(scalarA);
     const b = bytesToNumberLE(scalarB);
-    const result = mod(a * b, ed25519.Point.Fn.ORDER);
+    const result = ed25519.Point.Fn.mul(a, b);
     return numberToBytesLE(result, 32);
 }
-export function crypto_core_ed25519_scalar_reduce(scalar) {
+export function scalarReduce(scalar) {
     const scalarNum = bytesToNumberLE(scalar);
     const result = mod(scalarNum, ed25519.Point.Fn.ORDER);
     return numberToBytesLE(result, 32);
 }
-export function crypto_sign_ed25519_sk_to_curve25519(edPrivKey) {
-    const seed = edPrivKey.slice(0, 32);
-    return ed25519.utils.toMontgomerySecret(seed);
+export function invertScalar(scalar) {
+    const s = bytesToNumberLE(scalar);
+    const inverted = ed25519.Point.Fn.inv(s);
+    return numberToBytesLE(inverted, 32);
 }
-export function crypto_sign_curve25519_pk_to_ed25519(x25519Pk) {
-    const P = 2n ** 255n - 19n;
-    let u = 0n;
-    for (let i = 0; i < x25519Pk.length; i++) {
-        u += BigInt(x25519Pk[i]) << (8n * BigInt(i));
-    }
-    const modPow = (base, exp, mod) => {
-        let result = 1n;
-        base = base % mod;
-        while (exp > 0n) {
-            if (exp % 2n === 1n)
-                result = (result * base) % mod;
-            exp = exp >> 1n;
-            base = (base * base) % mod;
-        }
-        return result;
-    };
-    const modInv = (a) => modPow(a, P - 2n, P);
-    const y = (((u - 1n + P) % P) * modInv((u + 1n) % P)) % P;
-    const yBytes = new Uint8Array(32);
-    let yTemp = y;
-    for (let i = 0; i < 32; i++) {
-        yBytes[i] = Number(yTemp & 0xffn);
-        yTemp >>= 8n;
-    }
-    yBytes[31] &= 0x7f;
-    return yBytes;
-}
-export function crypto_scalarmult_ed25519_noclamp(scalar32, point32) {
-    if (scalar32.length !== 32) {
-        throw new Error(`crypto_scalarmult_ed25519_noclamp: expected 32-byte scalar, got ${scalar32.length}`);
-    }
-    if (point32.length !== 32) {
-        throw new Error(`crypto_scalarmult_ed25519_noclamp: expected 32-byte point, got ${point32.length}`);
-    }
+export function multiplyPointToScalar(scalar, point) {
     const L = ed25519.Point.Fn.ORDER;
-    const s = bytesToNumberLE(scalar32) % L;
-    const P = ed25519.Point.fromBytes(point32);
+    const s = mod(bytesToNumberLE(scalar), L);
+    const P = ed25519.Point.fromBytes(point);
     if (P.isSmallOrder()) {
-        throw new Error("crypto_scalarmult_ed25519_noclamp: invalid point (small order)");
+        throw new Error("scalarMultEd25519NoClamp: invalid point (small order)");
     }
     return P.multiply(s).toBytes();
 }
+export function ed25519ToCurve25519(ed25519Pk) {
+    const seed = ed25519Pk.slice(0, 32);
+    return ed25519.utils.toMontgomerySecret(seed);
+}
+export function curve25519ToEd25519(x25519Pk) {
+    const f = ed25519.Point.Fp;
+    const x = f.fromBytes(x25519Pk);
+    return f.toBytes(f.div(f.sub(x, f.ONE), f.add(x, f.ONE)));
+}

package/dist/unblinding.js CHANGED Viewed

@@ -1,13 +1,13 @@
 import { ed25519 } from "@noble/curves/ed25519.js";
-import { bytesToNumberLE, numberToBytesLE, hexToBytes } from "@noble/curves/utils.js";
+import { hexToBytes } from "@noble/curves/utils.js";
 import { SessionValidationError, SessionValidationErrorCode } from "@session.js/errors";
-import { crypto_scalarmult_ed25519_noclamp } from "./scalar-math";
+import { invertScalar, multiplyPointToScalar } from "./scalar-math";
 import { getBlindingK, hexRegex, keyToSessionId } from "./utils";
 export function unblindKey15({ blindedKey, serverPublicKey, }) {
     const blindingKInput = serverPublicKey;
     const k = getBlindingK(blindingKInput);
-    const kInverted = numberToBytesLE(ed25519.Point.Fn.inv(bytesToNumberLE(k)), 32);
-    const kA = crypto_scalarmult_ed25519_noclamp(kInverted, blindedKey);
+    const kInverted = invertScalar(k);
+    const kA = multiplyPointToScalar(kInverted, blindedKey);
     const x25519PublicKey = ed25519.utils.toMontgomery(kA);
     return x25519PublicKey;
 }

package/dist/utils.js CHANGED Viewed

@@ -1,12 +1,12 @@
 import { blake2b } from "@noble/hashes/blake2.js";
 import { bytesToHex } from "@noble/curves/utils.js";
-import { crypto_core_ed25519_scalar_reduce } from "./scalar-math";
+import { scalarReduce } from "./scalar-math";
 export const hexRegex = /^[0-9a-fA-F]+$/i;
 export function getBlindingK(input) {
     const serverPkHash = blake2b(input, {
         dkLen: 64,
     });
-    const k = crypto_core_ed25519_scalar_reduce(serverPkHash);
+    const k = scalarReduce(serverPkHash);
     return k;
 }
 export function keyToSessionId(prefix, key) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "@session.js/blinded-session-id",
-	"version": "1.0.6",
+	"version": "1.0.7",
 	"description": "Utility JavaScript library with methods to work with Session's blinded Session ID",
 	"homepage": "https://git.hloth.dev/session.js/blinded-session-id#readme",
 	"bugs": {