noble-secp256k1 - npm Package Compare versions

Comparing version 1.2.3 to 1.2.4

index.js

@@ -244,6 +244,6 @@ "use strict";
         const x = bytesToNumber(isShort ? bytes : bytes.slice(1));
-        const sqrY = weistrass(x);
-        let y = sqrtMod(sqrY);
+        const y2 = weistrass(x);
+        let y = sqrtMod(y2);
+        const isYOdd = (y & 1n) === 1n;
         if (isShort) {
-            const isYOdd = (y & 1n) === 1n;
             if (isYOdd)
@@ -254,3 +254,2 @@ y = mod(-y);
             const isFirstByteOdd = (bytes[0] & 1) === 1;
-            const isYOdd = (y & 1n) === 1n;
             if (isFirstByteOdd !== isYOdd)
@@ -271,3 +270,3 @@ y = mod(-y);
     static fromHex(hex) {
-        const bytes = hex instanceof Uint8Array ? hex : hexToBytes(hex);
+        const bytes = ensureBytes(hex);
         const header = bytes[0];
@@ -279,3 +278,3 @@ if (bytes.length === 32 || (bytes.length === 33 && (header === 0x02 || header === 0x03))) {
             return this.fromUncompressedHex(bytes);
-        throw new TypeError(`Point.fromHex: received invalid point. Expected 32-33 compressed bytes or 65 uncompressed bytes, not ${bytes.length}`);
+        throw new Error(`Point.fromHex: received invalid point. Expected 32-33 compressed bytes or 65 uncompressed bytes, not ${bytes.length}`);
     }
@@ -286,17 +285,9 @@ static fromPrivateKey(privateKey) {
     static fromSignature(msgHash, signature, recovery) {
-        let h;
-        if (typeof msgHash === 'string') {
-            h = hexToNumber(msgHash);
-        }
-        else if (msgHash instanceof Uint8Array) {
-            h = bytesToNumber(msgHash);
-        }
-        else {
-            throw new TypeError('Message hash must be a hex string or Uint8Array');
-        }
+        let h = msgHash instanceof Uint8Array ? bytesToNumber(msgHash) : hexToNumber(msgHash);
         const sig = normalizeSignature(signature);
         sig.assertValidity();
         const { r, s } = sig;
-        if (recovery !== 0 && recovery !== 1)
-            throw new Error('Invalid yParity bit');
+        if (recovery !== 0 && recovery !== 1) {
+            throw new Error('Cannot recover signature: invalid yParity bit');
+        }
         const prefix = 2 + (recovery & 1);
@@ -331,11 +322,11 @@ const P_ = Point.fromHex(`0${prefix}${pad64(r)}`);
     assertValidity() {
+        const msg = 'Point is not on elliptic curve';
+        const { P } = CURVE;
         const { x, y } = this;
-        if (x === 0n || y === 0n || x >= CURVE.P || y >= CURVE.P) {
-            throw new TypeError('Point is not on elliptic curve');
-        }
+        if (x === 0n || y === 0n || x >= P || y >= P)
+            throw new Error(msg);
         const left = mod(y * y);
         const right = weistrass(x);
-        const valid = (left - right) % CURVE.P === 0n;
-        if (!valid)
-            throw new TypeError('Point is not on elliptic curve');
+        if ((left - right) % P !== 0n)
+            throw new Error(msg);
     }
@@ -365,3 +356,3 @@ equals(other) {
 function sliceDer(s) {
-    return parseInt(s[0], 16) >= 8 ? '00' + s : s;
+    return Number.parseInt(s[0], 16) >= 8 ? '00' + s : s;
 }
@@ -468,4 +459,7 @@ class Signature {
 function hexToBytes(hex) {
-    if (typeof hex !== 'string' || hex.length % 2)
-        throw new Error('Expected valid hex');
+    if (typeof hex !== 'string') {
+        throw new TypeError('hexToBytes: expected string, got ' + typeof hex);
+    }
+    if (hex.length % 2)
+        throw new Error('hexToBytes: received invalid unpadded hex');
     const array = new Uint8Array(hex.length / 2);
@@ -478,2 +472,5 @@ for (let i = 0; i < array.length; i++) {
 }
+function ensureBytes(hex) {
+    return hex instanceof Uint8Array ? hex : hexToBytes(hex);
+}
 function bytesToNumber(bytes) {
@@ -524,3 +521,3 @@ return hexToNumber(bytesToHex(bytes));
     if (number === 0n || modulo <= 0n) {
-        throw new Error('invert: expected positive integers');
+        throw new Error(`invert: expected positive integers, got n=${number} mod=${modulo}`);
     }
@@ -583,3 +580,3 @@ let a = mod(number, modulo);
     if (k1 > POW_2_128 || k2 > POW_2_128)
-        throw new Error('Endomorphism failed');
+        throw new Error('splitScalarEndo: Endomorphism failed');
     return [k1neg, k1, k2neg, k2];
@@ -660,3 +657,3 @@ }
     if (!isWithinCurveOrder(num))
-        throw new Error('Expected private key 0 < key < n');
+        throw new Error('Expected private key: 0 < key < n');
     return num;
@@ -700,3 +697,3 @@ }
         throw new TypeError('getSharedSecret: second arg must be public key');
-    const b = publicB instanceof Point ? publicB : Point.fromHex(publicB);
+    const b = normalizePublicKey(publicB);
     b.assertValidity();
@@ -711,3 +708,3 @@ const shared = b.multiply(normalizePrivateKey(privateA));
     if (msgHash == null)
-        throw new Error(`Expected valid msgHash, not "${msgHash}"`);
+        throw new Error(`sign: expected valid msgHash, not "${msgHash}"`);
     const priv = normalizePrivateKey(privateKey);
@@ -773,3 +770,3 @@ const [q, r, s] = await getQRSrfc6979(msgHash, priv);
     static fromHex(hex) {
-        const bytes = hex instanceof Uint8Array ? hex : hexToBytes(hex);
+        const bytes = ensureBytes(hex);
         if (bytes.length !== 64) {
@@ -795,13 +792,11 @@ throw new TypeError(`SchnorrSignature.fromHex: expected 64 bytes, not ${bytes.length}`);
     if (msgHash == null)
-        throw new TypeError(`Expected valid message, not "${msgHash}"`);
+        throw new TypeError(`sign: Expected valid message, not "${msgHash}"`);
     if (!privateKey)
         privateKey = 0n;
     const { n } = CURVE;
-    const m = typeof msgHash === 'string' ? hexToBytes(msgHash) : msgHash;
+    const m = ensureBytes(msgHash);
     const d0 = normalizePrivateKey(privateKey);
-    if (!isWithinCurveOrder(d0))
-        throw new Error('Invalid private key');
-    const rand = typeof auxRand === 'string' ? hexToBytes(auxRand) : auxRand;
+    const rand = ensureBytes(auxRand);
     if (rand.length !== 32)
-        throw new TypeError('Expected 32 bytes of aux randomness');
+        throw new TypeError('sign: Expected 32 bytes of aux randomness');
     const P = Point.fromPrivateKey(d0);
@@ -814,3 +809,3 @@ const d = hasEvenY(P) ? d0 : n - d0;
     if (k0 === 0n)
-        throw new Error('Creation of signature failed. k is zero');
+        throw new Error('sign: Creation of signature failed. k is zero');
     const R = Point.fromPrivateKey(k0);
@@ -822,3 +817,3 @@ const k = hasEvenY(R) ? k0 : n - k0;
     if (!isValid)
-        throw new Error('Invalid signature produced');
+        throw new Error('sign: Invalid signature produced');
     return typeof msgHash === 'string' ? sig.toHex() : sig.toRawBytes();
@@ -825,0 +820,0 @@ }

package.json

 {
   "name": "noble-secp256k1",
-  "version": "1.2.3",
+  "version": "1.2.4",
   "description": "Fastest JS implementation of secp256k1. Zero-dependency, high-security, audited ECDSA & Schnorr",
@@ -5,0 +5,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

50689

decreased by-0.48%

Lines of code

978

decreased by-0.51%

No dependency changes