tiny-secp256k1
Advanced tools
Comparing version 2.1.2 to 2.2.0
@@ -15,2 +15,3 @@ export declare function __initializeContext(): void; | ||
export declare function privateSub(d: Uint8Array, tweak: Uint8Array): Uint8Array | null; | ||
export declare function privateNegate(d: Uint8Array): Uint8Array; | ||
export interface XOnlyPointAddTweakResult { | ||
@@ -24,4 +25,11 @@ parity: 1 | 0; | ||
export declare function sign(h: Uint8Array, d: Uint8Array, e?: Uint8Array): Uint8Array; | ||
export interface RecoverableSignature { | ||
signature: Uint8Array; | ||
recoveryId: RecoveryIdType; | ||
} | ||
export declare function signRecoverable(h: Uint8Array, d: Uint8Array, e?: Uint8Array): RecoverableSignature; | ||
export declare function signSchnorr(h: Uint8Array, d: Uint8Array, e?: Uint8Array): Uint8Array; | ||
export declare function verify(h: Uint8Array, Q: Uint8Array, signature: Uint8Array, strict?: boolean): boolean; | ||
export declare type RecoveryIdType = 0 | 1 | 2 | 3; | ||
export declare function recover(h: Uint8Array, signature: Uint8Array, recoveryId: RecoveryIdType, compressed?: boolean): Uint8Array | null; | ||
export declare function verifySchnorr(h: Uint8Array, Q: Uint8Array, signature: Uint8Array): boolean; |
@@ -188,2 +188,13 @@ import { compare } from "uint8array-tools"; | ||
} | ||
export function privateNegate(d) { | ||
validate.validatePrivate(d); | ||
try { | ||
PRIVATE_KEY_INPUT.set(d); | ||
wasm.privateNegate(); | ||
return PRIVATE_KEY_INPUT.slice(0, validate.PRIVATE_KEY_SIZE); | ||
} | ||
finally { | ||
PRIVATE_KEY_INPUT.fill(0); | ||
} | ||
} | ||
export function xOnlyPointAddTweak(p, tweak) { | ||
@@ -254,2 +265,26 @@ validate.validateXOnlyPoint(p); | ||
} | ||
export function signRecoverable(h, d, e) { | ||
validate.validateHash(h); | ||
validate.validatePrivate(d); | ||
validate.validateExtraData(e); | ||
try { | ||
HASH_INPUT.set(h); | ||
PRIVATE_KEY_INPUT.set(d); | ||
if (e !== undefined) | ||
EXTRA_DATA_INPUT.set(e); | ||
const recoveryId = wasm.signRecoverable(e === undefined ? 0 : 1); | ||
const signature = SIGNATURE_INPUT.slice(0, validate.SIGNATURE_SIZE); | ||
return { | ||
signature, | ||
recoveryId, | ||
}; | ||
} | ||
finally { | ||
HASH_INPUT.fill(0); | ||
PRIVATE_KEY_INPUT.fill(0); | ||
if (e !== undefined) | ||
EXTRA_DATA_INPUT.fill(0); | ||
SIGNATURE_INPUT.fill(0); | ||
} | ||
} | ||
export function signSchnorr(h, d, e) { | ||
@@ -291,2 +326,24 @@ validate.validateHash(h); | ||
} | ||
export function recover(h, signature, recoveryId, compressed = false) { | ||
validate.validateHash(h); | ||
validate.validateSignature(signature); | ||
validate.validateSignatureNonzeroRS(signature); | ||
if (recoveryId & 2) { | ||
validate.validateSigrPMinusN(signature); | ||
} | ||
validate.validateSignatureCustom(() => isXOnlyPoint(signature.subarray(0, 32))); | ||
const outputlen = assumeCompression(compressed); | ||
try { | ||
HASH_INPUT.set(h); | ||
SIGNATURE_INPUT.set(signature); | ||
return wasm.recover(outputlen, recoveryId) === 1 | ||
? PUBLIC_KEY_INPUT.slice(0, outputlen) | ||
: null; | ||
} | ||
finally { | ||
HASH_INPUT.fill(0); | ||
SIGNATURE_INPUT.fill(0); | ||
PUBLIC_KEY_INPUT.fill(0); | ||
} | ||
} | ||
export function verifySchnorr(h, Q, signature) { | ||
@@ -293,0 +350,0 @@ validate.validateHash(h); |
@@ -8,2 +8,3 @@ export declare const ERROR_BAD_PRIVATE = 0; | ||
export declare const ERROR_BAD_PARITY = 6; | ||
export declare const ERROR_BAD_RECOVERY_ID = 7; | ||
export declare function throwError(errcode: number): never; |
@@ -8,2 +8,3 @@ export const ERROR_BAD_PRIVATE = 0; | ||
export const ERROR_BAD_PARITY = 6; | ||
export const ERROR_BAD_RECOVERY_ID = 7; | ||
const ERRORS_MESSAGES = { | ||
@@ -17,2 +18,3 @@ [ERROR_BAD_PRIVATE.toString()]: "Expected Private", | ||
[ERROR_BAD_PARITY.toString()]: "Expected Parity (1 | 0)", | ||
[ERROR_BAD_RECOVERY_ID.toString()]: "Bad Recovery Id", | ||
}; | ||
@@ -19,0 +21,0 @@ export function throwError(errcode) { |
@@ -23,1 +23,4 @@ export declare const PRIVATE_KEY_SIZE = 32; | ||
export declare function validateSignature(signature: Uint8Array): void; | ||
export declare function validateSignatureCustom(validatorFn: () => boolean): void; | ||
export declare function validateSignatureNonzeroRS(signature: Uint8Array): void; | ||
export declare function validateSigrPMinusN(signature: Uint8Array): void; |
@@ -1,2 +0,2 @@ | ||
import { ERROR_BAD_PRIVATE, ERROR_BAD_POINT, ERROR_BAD_TWEAK, throwError, ERROR_BAD_HASH, ERROR_BAD_EXTRA_DATA, ERROR_BAD_SIGNATURE, ERROR_BAD_PARITY, } from "./validate_error.js"; | ||
import { ERROR_BAD_PRIVATE, ERROR_BAD_POINT, ERROR_BAD_TWEAK, throwError, ERROR_BAD_HASH, ERROR_BAD_EXTRA_DATA, ERROR_BAD_SIGNATURE, ERROR_BAD_PARITY, ERROR_BAD_RECOVERY_ID, } from "./validate_error.js"; | ||
export const PRIVATE_KEY_SIZE = 32; | ||
@@ -15,2 +15,7 @@ export const PUBLIC_KEY_COMPRESSED_SIZE = 33; | ||
]); | ||
// Difference between field and order | ||
const BN32_P_MINUS_N = new Uint8Array([ | ||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 69, 81, 35, 25, 80, 183, 95, | ||
196, 64, 45, 161, 114, 47, 201, 186, 238, | ||
]); | ||
function isUint8Array(value) { | ||
@@ -70,2 +75,7 @@ return value instanceof Uint8Array; | ||
} | ||
function isSigrLessThanPMinusN(signature) { | ||
return (isUint8Array(signature) && | ||
signature.length === 64 && | ||
cmpBN32(signature.subarray(0, 32), BN32_P_MINUS_N) < 0); | ||
} | ||
export function validateParity(p) { | ||
@@ -103,1 +113,15 @@ if (p !== 0 && p !== 1) | ||
} | ||
export function validateSignatureCustom(validatorFn) { | ||
if (!validatorFn()) | ||
throwError(ERROR_BAD_SIGNATURE); | ||
} | ||
export function validateSignatureNonzeroRS(signature) { | ||
if (isZero(signature.subarray(0, 32))) | ||
throwError(ERROR_BAD_SIGNATURE); | ||
if (isZero(signature.subarray(32, 64))) | ||
throwError(ERROR_BAD_SIGNATURE); | ||
} | ||
export function validateSigrPMinusN(signature) { | ||
if (!isSigrLessThanPMinusN(signature)) | ||
throwError(ERROR_BAD_RECOVERY_ID); | ||
} |
@@ -7,2 +7,3 @@ interface WebAssemblyMemory { | ||
} | ||
declare type RecoveryIdType = 0 | 1 | 2 | 3; | ||
interface Secp256k1WASM { | ||
@@ -32,8 +33,11 @@ memory: WebAssemblyMemory; | ||
privateSub: () => number; | ||
privateNegate: () => void; | ||
sign: (e: number) => void; | ||
signRecoverable: (e: number) => 0 | 1 | 2 | 3; | ||
signSchnorr: (e: number) => void; | ||
verify: (Q: number, strict: number) => number; | ||
verifySchnorr: () => number; | ||
recover: (outputlen: number, recoveryId: RecoveryIdType) => number; | ||
} | ||
declare const _default: Secp256k1WASM; | ||
export default _default; |
{ | ||
"name": "tiny-secp256k1", | ||
"version": "2.1.2", | ||
"version": "2.2.0", | ||
"description": "A tiny secp256k1 JS", | ||
@@ -5,0 +5,0 @@ "homepage": "https://github.com/bitcoinjs/tiny-secp256k1#readme", |
@@ -215,2 +215,14 @@ # tiny-secp256k1 | ||
### privateNegate (d) | ||
```haskell | ||
privateNegate :: Buffer -> Buffer | ||
``` | ||
Returns the negation of d on the order n (`n - d`) | ||
##### Throws: | ||
- `Expected Private` if `!isPrivate(d)` | ||
### xOnlyPointAddTweak (p, tweak) | ||
@@ -262,2 +274,18 @@ | ||
### signRecoverable (h, d[, e]) | ||
```haskell | ||
signRecoverable :: Buffer -> Buffer [-> Buffer] -> { recoveryId: 0 | 1 | 2 | 3; signature: Buffer; } | ||
``` | ||
Returns normalized signatures and recovery Id, each of (r, s) values are guaranteed to less than `order / 2`. | ||
Uses RFC6979. | ||
Adds `e` as Added Entropy to the deterministic k generation. | ||
##### Throws: | ||
- `Expected Private` if `!isPrivate(d)` | ||
- `Expected Scalar` if `h` is not 256-bit | ||
- `Expected Extra Data (32 bytes)` if `e` is not 256-bit | ||
### signSchnorr (h, d[, e]) | ||
@@ -295,2 +323,18 @@ | ||
### recover (h, signature, recoveryId[, compressed = false]) | ||
```haskell | ||
verify :: Buffer -> Buffer -> Number [-> Bool] -> Maybe Buffer | ||
``` | ||
Returns the ECDSA public key from a signature if it can be recovered, `null` otherwise. | ||
##### Throws: | ||
- `Expected Signature` if `signature` has any (r, s) values not in range `(0...order - 1]` | ||
- `Bad Recovery Id` if `recid & 2 !== 0` and `signature` has any r value not in range `(0...P - N - 1]` | ||
- `Expected Hash` if `h` is not 256-bit | ||
### verifySchnorr (h, Q, signature) | ||
@@ -297,0 +341,0 @@ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
249420
1277
356