@noble/curves
Comparing version 1.3.0 to 1.4.0
@@ -72,8 +72,8 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
sign: { | ||
(message: Hex, privateKey: PrivKey): Uint8Array; | ||
(message: ProjPointType<Fp2>, privateKey: PrivKey): ProjPointType<Fp2>; | ||
(message: Hex, privateKey: PrivKey, htfOpts?: htfBasicOpts): Uint8Array; | ||
(message: ProjPointType<Fp2>, privateKey: PrivKey, htfOpts?: htfBasicOpts): ProjPointType<Fp2>; | ||
}; | ||
signShortSignature: { | ||
(message: Hex, privateKey: PrivKey): Uint8Array; | ||
(message: ProjPointType<Fp>, privateKey: PrivKey): ProjPointType<Fp>; | ||
(message: Hex, privateKey: PrivKey, htfOpts?: htfBasicOpts): Uint8Array; | ||
(message: ProjPointType<Fp>, privateKey: PrivKey, htfOpts?: htfBasicOpts): ProjPointType<Fp>; | ||
}; | ||
@@ -80,0 +80,0 @@ verify: (signature: Hex | ProjPointType<Fp2>, message: Hex | ProjPointType<Fp2>, publicKey: Hex | ProjPointType<Fp>, htfOpts?: htfBasicOpts) => boolean; |
@@ -6,9 +6,2 @@ "use strict"; | ||
const utils_js_1 = require("./utils.js"); | ||
function validateDST(dst) { | ||
if ((0, utils_js_1.isBytes)(dst)) | ||
return dst; | ||
if (typeof dst === 'string') | ||
return (0, utils_js_1.utf8ToBytes)(dst); | ||
throw new Error('DST must be Uint8Array or string'); | ||
} | ||
// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. | ||
@@ -35,7 +28,3 @@ const os2ip = utils_js_1.bytesToNumberBE; | ||
} | ||
function abytes(item) { | ||
if (!(0, utils_js_1.isBytes)(item)) | ||
throw new Error('Uint8Array expected'); | ||
} | ||
function isNum(item) { | ||
function anum(item) { | ||
if (!Number.isSafeInteger(item)) | ||
@@ -47,5 +36,5 @@ throw new Error('number expected'); | ||
function expand_message_xmd(msg, DST, lenInBytes, H) { | ||
abytes(msg); | ||
abytes(DST); | ||
isNum(lenInBytes); | ||
(0, utils_js_1.abytes)(msg); | ||
(0, utils_js_1.abytes)(DST); | ||
anum(lenInBytes); | ||
// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 | ||
@@ -78,5 +67,5 @@ if (DST.length > 255) | ||
function expand_message_xof(msg, DST, lenInBytes, k, H) { | ||
abytes(msg); | ||
abytes(DST); | ||
isNum(lenInBytes); | ||
(0, utils_js_1.abytes)(msg); | ||
(0, utils_js_1.abytes)(DST); | ||
anum(lenInBytes); | ||
// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 | ||
@@ -116,5 +105,5 @@ // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); | ||
const { p, k, m, hash, expand, DST: _DST } = options; | ||
abytes(msg); | ||
isNum(count); | ||
const DST = validateDST(_DST); | ||
(0, utils_js_1.abytes)(msg); | ||
anum(count); | ||
const DST = typeof _DST === 'string' ? (0, utils_js_1.utf8ToBytes)(_DST) : _DST; | ||
const log2p = p.toString(2).length; | ||
@@ -121,0 +110,0 @@ const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above |
@@ -13,2 +13,3 @@ export type Hex = Uint8Array | string; | ||
export declare function isBytes(a: unknown): a is Uint8Array; | ||
export declare function abytes(item: unknown): void; | ||
/** | ||
@@ -62,3 +63,3 @@ * @example bytesToHex(Uint8Array.from([0xca, 0xfe, 0x01, 0x23])) // 'cafe0123' | ||
*/ | ||
export declare const bitSet: (n: bigint, pos: number, value: boolean) => bigint; | ||
export declare function bitSet(n: bigint, pos: number, value: boolean): bigint; | ||
/** | ||
@@ -65,0 +66,0 @@ * Calculate mask for N bits. Not using ** operator with bigints because of old engines. |
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.validateObject = exports.createHmacDrbg = exports.bitMask = exports.bitSet = exports.bitGet = exports.bitLen = exports.utf8ToBytes = exports.equalBytes = exports.concatBytes = exports.ensureBytes = exports.numberToVarBytesBE = exports.numberToBytesLE = exports.numberToBytesBE = exports.bytesToNumberLE = exports.bytesToNumberBE = exports.hexToBytes = exports.hexToNumber = exports.numberToHexUnpadded = exports.bytesToHex = exports.isBytes = void 0; | ||
exports.validateObject = exports.createHmacDrbg = exports.bitMask = exports.bitSet = exports.bitGet = exports.bitLen = exports.utf8ToBytes = exports.equalBytes = exports.concatBytes = exports.ensureBytes = exports.numberToVarBytesBE = exports.numberToBytesLE = exports.numberToBytesBE = exports.bytesToNumberLE = exports.bytesToNumberBE = exports.hexToBytes = exports.hexToNumber = exports.numberToHexUnpadded = exports.bytesToHex = exports.abytes = exports.isBytes = void 0; | ||
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
@@ -17,2 +17,7 @@ // 100 lines of code in the file are duplicated from noble-hashes (utils). | ||
exports.isBytes = isBytes; | ||
function abytes(item) { | ||
if (!isBytes(item)) | ||
throw new Error('Uint8Array expected'); | ||
} | ||
exports.abytes = abytes; | ||
// Array where index 0xf0 (240) is mapped to string 'f0' | ||
@@ -24,4 +29,3 @@ const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); | ||
function bytesToHex(bytes) { | ||
if (!isBytes(bytes)) | ||
throw new Error('Uint8Array expected'); | ||
abytes(bytes); | ||
// pre-caching improves the speed 6x | ||
@@ -87,4 +91,3 @@ let hex = ''; | ||
function bytesToNumberLE(bytes) { | ||
if (!isBytes(bytes)) | ||
throw new Error('Uint8Array expected'); | ||
abytes(bytes); | ||
return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); | ||
@@ -146,9 +149,7 @@ } | ||
const a = arrays[i]; | ||
if (!isBytes(a)) | ||
throw new Error('Uint8Array expected'); | ||
abytes(a); | ||
sum += a.length; | ||
} | ||
let res = new Uint8Array(sum); | ||
let pad = 0; | ||
for (let i = 0; i < arrays.length; i++) { | ||
const res = new Uint8Array(sum); | ||
for (let i = 0, pad = 0; i < arrays.length; i++) { | ||
const a = arrays[i]; | ||
@@ -204,5 +205,5 @@ res.set(a, pad); | ||
*/ | ||
const bitSet = (n, pos, value) => { | ||
function bitSet(n, pos, value) { | ||
return n | ((value ? _1n : _0n) << BigInt(pos)); | ||
}; | ||
} | ||
exports.bitSet = bitSet; | ||
@@ -209,0 +210,0 @@ /** |
@@ -26,3 +26,3 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
}; | ||
type Entropy = Hex | true; | ||
type Entropy = Hex | boolean; | ||
export type SignOpts = { | ||
@@ -29,0 +29,0 @@ lowS?: boolean; |
@@ -68,4 +68,3 @@ "use strict"; | ||
const data = typeof hex === 'string' ? h2b(hex) : hex; | ||
if (!ut.isBytes(data)) | ||
throw new Error('ui8a expected'); | ||
ut.abytes(data); | ||
let l = data.length; | ||
@@ -579,3 +578,10 @@ if (l < 2 || data[0] != 0x30) | ||
const y2 = weierstrassEquation(x); // y² = x³ + ax + b | ||
let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 | ||
let y; | ||
try { | ||
y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 | ||
} | ||
catch (sqrtError) { | ||
const suffix = sqrtError instanceof Error ? ': ' + sqrtError.message : ''; | ||
throw new Error('Point is not on curve' + suffix); | ||
} | ||
const isYOdd = (y & _1n) === _1n; | ||
@@ -807,3 +813,3 @@ // ECDSA | ||
// extraEntropy. RFC6979 3.6: additional k' (optional). | ||
if (ent != null) { | ||
if (ent != null && ent !== false) { | ||
// K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') | ||
@@ -810,0 +816,0 @@ const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is |
@@ -1186,3 +1186,3 @@ "use strict"; | ||
const P = Fp.ORDER; | ||
const half = hex.length / 2; | ||
const half = value.length / 2; | ||
if (half !== 48 && half !== 96) | ||
@@ -1189,0 +1189,0 @@ throw new Error('Invalid compressed signature length, must be 96 or 192'); |
import { mod } from './modular.js'; | ||
import { bytesToNumberBE, isBytes, concatBytes, utf8ToBytes, validateObject } from './utils.js'; | ||
function validateDST(dst) { | ||
if (isBytes(dst)) | ||
return dst; | ||
if (typeof dst === 'string') | ||
return utf8ToBytes(dst); | ||
throw new Error('DST must be Uint8Array or string'); | ||
} | ||
import { bytesToNumberBE, abytes, concatBytes, utf8ToBytes, validateObject } from './utils.js'; | ||
// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. | ||
@@ -31,7 +24,3 @@ const os2ip = bytesToNumberBE; | ||
} | ||
function abytes(item) { | ||
if (!isBytes(item)) | ||
throw new Error('Uint8Array expected'); | ||
} | ||
function isNum(item) { | ||
function anum(item) { | ||
if (!Number.isSafeInteger(item)) | ||
@@ -45,3 +34,3 @@ throw new Error('number expected'); | ||
abytes(DST); | ||
isNum(lenInBytes); | ||
anum(lenInBytes); | ||
// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 | ||
@@ -75,3 +64,3 @@ if (DST.length > 255) | ||
abytes(DST); | ||
isNum(lenInBytes); | ||
anum(lenInBytes); | ||
// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 | ||
@@ -111,4 +100,4 @@ // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); | ||
abytes(msg); | ||
isNum(count); | ||
const DST = validateDST(_DST); | ||
anum(count); | ||
const DST = typeof _DST === 'string' ? utf8ToBytes(_DST) : _DST; | ||
const log2p = p.toString(2).length; | ||
@@ -115,0 +104,0 @@ const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above |
@@ -13,2 +13,6 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
} | ||
export function abytes(item) { | ||
if (!isBytes(item)) | ||
throw new Error('Uint8Array expected'); | ||
} | ||
// Array where index 0xf0 (240) is mapped to string 'f0' | ||
@@ -20,4 +24,3 @@ const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0')); | ||
export function bytesToHex(bytes) { | ||
if (!isBytes(bytes)) | ||
throw new Error('Uint8Array expected'); | ||
abytes(bytes); | ||
// pre-caching improves the speed 6x | ||
@@ -78,4 +81,3 @@ let hex = ''; | ||
export function bytesToNumberLE(bytes) { | ||
if (!isBytes(bytes)) | ||
throw new Error('Uint8Array expected'); | ||
abytes(bytes); | ||
return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); | ||
@@ -132,9 +134,7 @@ } | ||
const a = arrays[i]; | ||
if (!isBytes(a)) | ||
throw new Error('Uint8Array expected'); | ||
abytes(a); | ||
sum += a.length; | ||
} | ||
let res = new Uint8Array(sum); | ||
let pad = 0; | ||
for (let i = 0; i < arrays.length; i++) { | ||
const res = new Uint8Array(sum); | ||
for (let i = 0, pad = 0; i < arrays.length; i++) { | ||
const a = arrays[i]; | ||
@@ -185,5 +185,5 @@ res.set(a, pad); | ||
*/ | ||
export const bitSet = (n, pos, value) => { | ||
export function bitSet(n, pos, value) { | ||
return n | ((value ? _1n : _0n) << BigInt(pos)); | ||
}; | ||
} | ||
/** | ||
@@ -190,0 +190,0 @@ * Calculate mask for N bits. Not using ** operator with bigints because of old engines. |
@@ -65,4 +65,3 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
const data = typeof hex === 'string' ? h2b(hex) : hex; | ||
if (!ut.isBytes(data)) | ||
throw new Error('ui8a expected'); | ||
ut.abytes(data); | ||
let l = data.length; | ||
@@ -575,3 +574,10 @@ if (l < 2 || data[0] != 0x30) | ||
const y2 = weierstrassEquation(x); // y² = x³ + ax + b | ||
let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 | ||
let y; | ||
try { | ||
y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 | ||
} | ||
catch (sqrtError) { | ||
const suffix = sqrtError instanceof Error ? ': ' + sqrtError.message : ''; | ||
throw new Error('Point is not on curve' + suffix); | ||
} | ||
const isYOdd = (y & _1n) === _1n; | ||
@@ -803,3 +809,3 @@ // ECDSA | ||
// extraEntropy. RFC6979 3.6: additional k' (optional). | ||
if (ent != null) { | ||
if (ent != null && ent !== false) { | ||
// K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') | ||
@@ -806,0 +812,0 @@ const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is |
@@ -1183,3 +1183,3 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
const P = Fp.ORDER; | ||
const half = hex.length / 2; | ||
const half = value.length / 2; | ||
if (half !== 48 && half !== 96) | ||
@@ -1186,0 +1186,0 @@ throw new Error('Invalid compressed signature length, must be 96 or 192'); |
@@ -1,3 +0,3 @@ | ||
"use strict"; | ||
throw new Error('Incorrect usage. Import submodules instead'); | ||
export {}; | ||
//# sourceMappingURL=index.js.map |
{ | ||
"name": "@noble/curves", | ||
"version": "1.3.0", | ||
"version": "1.4.0", | ||
"description": "Audited & minimal JS implementation of elliptic curve cryptography", | ||
@@ -17,3 +17,3 @@ "files": [ | ||
"build": "tsc && tsc -p tsconfig.esm.json", | ||
"build:release": "cd build; npm install && npm run build", | ||
"build:release": "cd build && npm i && npm run build", | ||
"build:clean": "rm *.{js,d.ts,d.ts.map,js.map} esm/*.{js,d.ts,d.ts.map,js.map} 2> /dev/null", | ||
@@ -28,7 +28,7 @@ "lint": "prettier --check 'src/**/*.{js,ts}' 'test/*.js'", | ||
"type": "git", | ||
"url": "https://github.com/paulmillr/noble-curves.git" | ||
"url": "git+https://github.com/paulmillr/noble-curves.git" | ||
}, | ||
"license": "MIT", | ||
"dependencies": { | ||
"@noble/hashes": "1.3.3" | ||
"@noble/hashes": "1.4.0" | ||
}, | ||
@@ -183,2 +183,2 @@ "devDependencies": { | ||
"funding": "https://paulmillr.com/funding/" | ||
} | ||
} |
@@ -10,11 +10,15 @@ # noble-curves | ||
- ➰ Short Weierstrass, Edwards, Montgomery curves | ||
- ✍️ ECDSA, EdDSA, Schnorr, BLS signature schemes, ECDH key agreement | ||
- ✍️ ECDSA, EdDSA, Schnorr, BLS signature schemes, ECDH key agreement, hashing to curves | ||
- 🔖 SUF-CMA, SBS (non-repudiation), ZIP215 (consensus friendliness) features for ed25519 | ||
- #️⃣ hash-to-curve for encoding or hashing an arbitrary string to an elliptic curve point | ||
- 🧜♂️ Poseidon ZK-friendly hash | ||
- 🪶 178KB for everything, 25KB for single-curve build | ||
### This library belongs to _noble_ crypto | ||
For discussions, questions and support, visit | ||
[GitHub Discussions](https://github.com/paulmillr/noble-curves/discussions) | ||
section of the repository. | ||
> **noble-crypto** — high-security, easily auditable set of contained cryptographic libraries and tools. | ||
### This library belongs to _noble_ cryptography | ||
> **noble cryptography** — high-security, easily auditable set of contained cryptographic libraries and tools. | ||
- Zero or minimal dependencies | ||
@@ -26,3 +30,6 @@ - Highly readable TypeScript / JS code | ||
[curves](https://github.com/paulmillr/noble-curves), | ||
[hashes](https://github.com/paulmillr/noble-hashes) | ||
[hashes](https://github.com/paulmillr/noble-hashes), | ||
[post-quantum](https://github.com/paulmillr/noble-post-quantum), | ||
4kb [secp256k1](https://github.com/paulmillr/noble-secp256k1) / | ||
[ed25519](https://github.com/paulmillr/noble-ed25519) | ||
- [Check out homepage](https://paulmillr.com/noble/) | ||
@@ -43,3 +50,3 @@ for reading resources, documentation and apps built with noble | ||
import { secp256k1 } from '@noble/curves/secp256k1'; // ESM and Common.js | ||
// import { secp256k1 } from 'npm:@noble/curves@1.2.0/secp256k1'; // Deno | ||
// import { secp256k1 } from 'npm:@noble/curves@1.4.0/secp256k1'; // Deno | ||
``` | ||
@@ -95,2 +102,4 @@ | ||
We support P256 (secp256r1), P384 (secp384r1), P521 (secp521r1). | ||
#### ECDSA public key recovery & extra entropy | ||
@@ -244,3 +253,3 @@ | ||
See [abstract/bls](#abstractbls-barreto-lynn-scott-curves). | ||
See [abstract/bls](#bls-barreto-lynn-scott-curves). | ||
@@ -612,2 +621,8 @@ #### All available imports | ||
// Use custom DST, e.g. for Ethereum consensus layer | ||
const htfEthereum = {DST: 'BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_'}; | ||
const signatureEth = bls.sign(message, privateKey, htfEthereum); | ||
const isValidEth = bls.verify(signature, message, publicKey, htfEthereum); | ||
console.log({ signatureEth, isValidEth }); | ||
// Sign 1 msg with 3 keys | ||
@@ -765,3 +780,3 @@ const privateKeys = [ | ||
`hashToPrivateScalar()` that hashes to **private key** was created for this purpose. | ||
Use [abstract/hash-to-curve](#abstracthash-to-curve-hashing-strings-to-curve-points) | ||
Use [abstract/hash-to-curve](#hash-to-curve-hashing-strings-to-curve-points) | ||
if you need to hash to **public key**. | ||
@@ -768,0 +783,0 @@ |
@@ -86,8 +86,8 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
sign: { | ||
(message: Hex, privateKey: PrivKey): Uint8Array; | ||
(message: ProjPointType<Fp2>, privateKey: PrivKey): ProjPointType<Fp2>; | ||
(message: Hex, privateKey: PrivKey, htfOpts?: htfBasicOpts): Uint8Array; | ||
(message: ProjPointType<Fp2>, privateKey: PrivKey, htfOpts?: htfBasicOpts): ProjPointType<Fp2>; | ||
}; | ||
signShortSignature: { | ||
(message: Hex, privateKey: PrivKey): Uint8Array; | ||
(message: ProjPointType<Fp>, privateKey: PrivKey): ProjPointType<Fp>; | ||
(message: Hex, privateKey: PrivKey, htfOpts?: htfBasicOpts): Uint8Array; | ||
(message: ProjPointType<Fp>, privateKey: PrivKey, htfOpts?: htfBasicOpts): ProjPointType<Fp>; | ||
}; | ||
@@ -94,0 +94,0 @@ verify: ( |
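Review bot: The new optional `htfOpts` parameter on the `sign` and `signShortSignature` overloads has no doc comment, so nothing tells a caller that a signature made with a custom DST should only be expected to verify when the same options are passed to `verify`. I would add a line above `sign`, e.g. `// htfOpts (e.g. a custom DST) must be the same in sign() and verify(); otherwise verification fails`. The README example added in this release calls `bls.verify(signature, message, publicKey, htfEthereum)` with `signature` rather than `signatureEth`, which looks like this very mix-up. The type this hunk belongs to starts and ends outside it, and the generated `.d.ts` section at the top of the page carries the same overloads.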
@@ -5,3 +5,3 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
import type { CHash } from './utils.js'; | ||
import { bytesToNumberBE, isBytes, concatBytes, utf8ToBytes, validateObject } from './utils.js'; | ||
import { bytesToNumberBE, abytes, concatBytes, utf8ToBytes, validateObject } from './utils.js'; | ||
@@ -26,8 +26,2 @@ /** | ||
function validateDST(dst: UnicodeOrBytes): Uint8Array { | ||
if (isBytes(dst)) return dst; | ||
if (typeof dst === 'string') return utf8ToBytes(dst); | ||
throw new Error('DST must be Uint8Array or string'); | ||
} | ||
// Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE. | ||
@@ -57,6 +51,3 @@ const os2ip = bytesToNumberBE; | ||
function abytes(item: unknown): void { | ||
if (!isBytes(item)) throw new Error('Uint8Array expected'); | ||
} | ||
function isNum(item: unknown): void { | ||
function anum(item: unknown): void { | ||
if (!Number.isSafeInteger(item)) throw new Error('number expected'); | ||
@@ -75,3 +66,3 @@ } | ||
abytes(DST); | ||
isNum(lenInBytes); | ||
anum(lenInBytes); | ||
// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 | ||
@@ -110,3 +101,3 @@ if (DST.length > 255) DST = H(concatBytes(utf8ToBytes('H2C-OVERSIZE-DST-'), DST)); | ||
abytes(DST); | ||
isNum(lenInBytes); | ||
anum(lenInBytes); | ||
// https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3 | ||
@@ -149,4 +140,4 @@ // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8)); | ||
abytes(msg); | ||
isNum(count); | ||
const DST = validateDST(_DST); | ||
anum(count); | ||
const DST = typeof _DST === 'string' ? utf8ToBytes(_DST) : _DST; | ||
const log2p = p.toString(2).length; | ||
@@ -153,0 +144,0 @@ const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above |
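Review bot: With `validateDST` removed, `const DST = typeof _DST === 'string' ? utf8ToBytes(_DST) : _DST;` passes any non-string value through unchecked, so a missing or wrongly typed DST from an untyped JavaScript caller is no longer rejected at this point. The `abytes(DST)` calls in the two expand_message functions still catch it, but only if one of those expanders is reached; the rest of this function is outside the hunk, so that cannot be confirmed here. I would keep the check local by adding `abytes(DST);` on the following line, reusing the helper this file now imports from './utils.js'. The compiled CommonJS and ESM sections earlier on the page carry the same change.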
@@ -26,2 +26,6 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
export function abytes(item: unknown): void { | ||
if (!isBytes(item)) throw new Error('Uint8Array expected'); | ||
} | ||
// Array where index 0xf0 (240) is mapped to string 'f0' | ||
@@ -35,3 +39,3 @@ const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => | ||
export function bytesToHex(bytes: Uint8Array): string { | ||
if (!isBytes(bytes)) throw new Error('Uint8Array expected'); | ||
abytes(bytes); | ||
// pre-caching improves the speed 6x | ||
@@ -91,3 +95,3 @@ let hex = ''; | ||
export function bytesToNumberLE(bytes: Uint8Array): bigint { | ||
if (!isBytes(bytes)) throw new Error('Uint8Array expected'); | ||
abytes(bytes); | ||
return hexToNumber(bytesToHex(Uint8Array.from(bytes).reverse())); | ||
@@ -144,8 +148,7 @@ } | ||
const a = arrays[i]; | ||
if (!isBytes(a)) throw new Error('Uint8Array expected'); | ||
abytes(a); | ||
sum += a.length; | ||
} | ||
let res = new Uint8Array(sum); | ||
let pad = 0; | ||
for (let i = 0; i < arrays.length; i++) { | ||
const res = new Uint8Array(sum); | ||
for (let i = 0, pad = 0; i < arrays.length; i++) { | ||
const a = arrays[i]; | ||
@@ -202,5 +205,5 @@ res.set(a, pad); | ||
*/ | ||
export const bitSet = (n: bigint, pos: number, value: boolean) => { | ||
export function bitSet(n: bigint, pos: number, value: boolean) { | ||
return n | ((value ? _1n : _0n) << BigInt(pos)); | ||
}; | ||
} | ||
@@ -207,0 +210,0 @@ /** |
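Review bot: `abytes` becomes a public export here with no TSDoc and a plain `void` return, so a caller passing an `unknown` value gets the runtime check but no type narrowing afterwards. Consider `export function abytes(item: unknown): asserts item is Uint8Array` together with a one-line comment such as `/** Throws 'Uint8Array expected' unless item passes isBytes(). */`. In the same section the rewritten `bitSet` leaves its return type to inference while neighbouring exports such as `bytesToHex(bytes: Uint8Array): string` state it; adding `: bigint` would match. The compiled CommonJS and ESM sections earlier on the page carry the same changes.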
@@ -30,3 +30,3 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
type Entropy = Hex | true; | ||
type Entropy = Hex | boolean; | ||
export type SignOpts = { lowS?: boolean; extraEntropy?: Entropy; prehash?: boolean }; | ||
@@ -162,3 +162,3 @@ export type VerOpts = { lowS?: boolean; prehash?: boolean }; | ||
const data = typeof hex === 'string' ? h2b(hex) : hex; | ||
if (!ut.isBytes(data)) throw new Error('ui8a expected'); | ||
ut.abytes(data); | ||
let l = data.length; | ||
@@ -738,3 +738,9 @@ if (l < 2 || data[0] != 0x30) throw new E('Invalid signature tag'); | ||
const y2 = weierstrassEquation(x); // y² = x³ + ax + b | ||
let y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 | ||
let y: bigint; | ||
try { | ||
y = Fp.sqrt(y2); // y = y² ^ (p+1)/4 | ||
} catch (sqrtError) { | ||
const suffix = sqrtError instanceof Error ? ': ' + sqrtError.message : ''; | ||
throw new Error('Point is not on curve' + suffix); | ||
} | ||
const isYOdd = (y & _1n) === _1n; | ||
@@ -977,3 +983,3 @@ // ECDSA | ||
// extraEntropy. RFC6979 3.6: additional k' (optional). | ||
if (ent != null) { | ||
if (ent != null && ent !== false) { | ||
// K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k') | ||
@@ -980,0 +986,0 @@ const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is |
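Review bot: The widened `type Entropy = Hex | boolean` has no comment saying what each value selects, and this is the option that controls how the ECDSA nonce is derived. From the signing hunk, `ent != null && ent !== false` makes `extraEntropy: false` behave like an omitted option, `true` draws `randomBytes(Fp.BYTES)`, and a `Hex` value is passed as-is. I would document that on the type, e.g. `// true: mix in Fp.BYTES random bytes as k'; false/undefined: no extra entropy (RFC 6979 only); Hex: caller-supplied k', used as-is`. The signing function starts and ends outside the hunk, so whether a caller-supplied value is length-checked cannot be seen here. The compiled CommonJS and ESM sections earlier on the page carry the same change.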
@@ -1367,3 +1367,3 @@ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ | ||
const P = Fp.ORDER; | ||
const half = hex.length / 2; | ||
const half = value.length / 2; | ||
if (half !== 48 && half !== 96) | ||
@@ -1370,0 +1370,0 @@ throw new Error('Invalid compressed signature length, must be 96 or 192'); |
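Review bot: The length check now reads `value.length / 2`, but the hunk does not show where `value` is declared, and the enclosing function starts and ends outside it, so it cannot be confirmed here that `value` is the decoded byte array rather than the original hex input. The error text ('must be 96 or 192') only agrees with the `48`/`96` comparison if `value.length` counts bytes. A short comment would pin that down, e.g. `// value: decoded signature bytes, so half is 48 or 96`, and a regression test with a wrong-length signature is worth adding if none exists. The compiled CommonJS and ESM sections earlier on the page carry the same one-line change.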
+ Added@noble/hashes@1.4.0(transitive)
- Removed@noble/hashes@1.3.3(transitive)
Updated@noble/hashes@1.4.0