UNPKG

@noble/curves

Version:

Audited & minimal JS implementation of elliptic curve cryptography

paulmillr.com/noble/

paulmillr/noble-curves

78 lines 3.64 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
/** * hash-to-curve from [RFC 9380](https://www.rfc-editor.org/rfc/rfc9380). * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F. * @module */ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ import type { AffinePoint, Group, GroupConstructor } from './curve.js'; import { type IField } from './modular.js'; import type { CHash } from './utils.js'; export type UnicodeOrBytes = string | Uint8Array; /** * * `DST` is a domain separation tag, defined in section 2.2.5 * * `p` characteristic of F, where F is a finite field of characteristic p and order q = p^m * * `m` is extension degree (1 for prime fields) * * `k` is the target security target in bits (e.g. 128), from section 5.1 * * `expand` is `xmd` (SHA2, SHA3, BLAKE) or `xof` (SHAKE, BLAKE-XOF) * * `hash` conforming to `utils.CHash` interface, with `outputLen` / `blockLen` props */ export type Opts = { DST: UnicodeOrBytes; p: bigint; m: number; k: number; expand: 'xmd' | 'xof'; hash: CHash; }; /** * Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits. * [RFC 9380 5.3.1](https://www.rfc-editor.org/rfc/rfc9380#section-5.3.1). */ export declare function expand_message_xmd(msg: Uint8Array, DST: Uint8Array, lenInBytes: number, H: CHash): Uint8Array; /** * Produces a uniformly random byte string using an extendable-output function (XOF) H. * 1. The collision resistance of H MUST be at least k bits. * 2. H MUST be an XOF that has been proved indifferentiable from * a random oracle under a reasonable cryptographic assumption. * [RFC 9380 5.3.2](https://www.rfc-editor.org/rfc/rfc9380#section-5.3.2). */ export declare function expand_message_xof(msg: Uint8Array, DST: Uint8Array, lenInBytes: number, k: number, H: CHash): Uint8Array; /** * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F. * [RFC 9380 5.2](https://www.rfc-editor.org/rfc/rfc9380#section-5.2). * @param msg a byte string containing the message to hash * @param count the number of elements of F to output * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above * @returns [u_0, ..., u_(count - 1)], a list of field elements. */ export declare function hash_to_field(msg: Uint8Array, count: number, options: Opts): bigint[][]; export type XY<T> = (x: T, y: T) => { x: T; y: T; }; export declare function isogenyMap<T, F extends IField<T>>(field: F, map: [T[], T[], T[], T[]]): XY<T>; /** Point interface, which curves must implement to work correctly with the module. */ export interface H2CPoint<T> extends Group<H2CPoint<T>> { add(rhs: H2CPoint<T>): H2CPoint<T>; toAffine(iz?: bigint): AffinePoint<T>; clearCofactor(): H2CPoint<T>; assertValidity(): void; } export interface H2CPointConstructor<T> extends GroupConstructor<H2CPoint<T>> { fromAffine(ap: AffinePoint<T>): H2CPoint<T>; } export type MapToCurve<T> = (scalar: bigint[]) => AffinePoint<T>; export type htfBasicOpts = { DST: UnicodeOrBytes; }; export type HTFMethod<T> = (msg: Uint8Array, options?: htfBasicOpts) => H2CPoint<T>; export type MapMethod<T> = (scalars: bigint[]) => H2CPoint<T>; /** Creates hash-to-curve methods from EC Point and mapToCurve function. */ export declare function createHasher<T>(Point: H2CPointConstructor<T>, mapToCurve: MapToCurve<T>, def: Opts & { encodeDST?: UnicodeOrBytes; }): { hashToCurve: HTFMethod<T>; encodeToCurve: HTFMethod<T>; mapToCurve: MapMethod<T>; }; //# sourceMappingURL=hash-to-curve.d.ts.map