UNPKG

@noble/curves

Version:

Audited & minimal JS implementation of elliptic curve cryptography

paulmillr.com/noble/

paulmillr/noble-curves

96 lines 3.81 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
/** * Montgomery curve methods. It's not really whole montgomery curve, * just bunch of very specific methods for X25519 / X448 from * [RFC 7748](https://www.rfc-editor.org/rfc/rfc7748) * @module */ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */ import { type TArg, type TRet } from '../utils.ts'; import { type CurveLengths } from './curve.ts'; /** Curve-specific hooks required to build one X25519/X448 helper. */ export type MontgomeryOpts = { /** Prime field modulus. */ P: bigint; /** RFC 7748 variant name. */ type: 'x25519' | 'x448'; /** * Clamp or otherwise normalize one scalar byte string before use. * @param bytes - Raw secret scalar bytes. * @returns Adjusted scalar bytes ready for Montgomery multiplication. */ adjustScalarBytes: (bytes: TArg<Uint8Array>) => TRet<Uint8Array>; /** * Invert one field element with exponentiation by `p - 2`. * @param x - Field element to invert. * @returns Multiplicative inverse of `x`. */ powPminus2: (x: bigint) => bigint; /** * Optional randomness source for `keygen()` and `utils.randomSecretKey()`. * Receives the requested byte length and returns fresh random bytes. */ randomBytes?: (bytesLength?: number) => TRet<Uint8Array>; }; /** Public X25519/X448 ECDH API built on a Montgomery ladder. */ export type MontgomeryECDH = { /** * Multiply one scalar by one Montgomery `u` coordinate. * @param scalar - Secret scalar bytes. * @param u - Public Montgomery `u` coordinate. * @returns Shared point encoded as bytes. */ scalarMult: (scalar: TArg<Uint8Array>, u: TArg<Uint8Array>) => TRet<Uint8Array>; /** * Multiply one scalar by the curve base point. * @param scalar - Secret scalar bytes. * @returns Public key bytes. */ scalarMultBase: (scalar: TArg<Uint8Array>) => TRet<Uint8Array>; /** * Derive a shared secret from a local secret key and peer public key. * @param secretKeyA - Local secret key bytes. * @param publicKeyB - Peer public key bytes. * Rejects low-order public inputs instead of returning the all-zero shared secret. * @returns Shared secret bytes. */ getSharedSecret: (secretKeyA: TArg<Uint8Array>, publicKeyB: TArg<Uint8Array>) => TRet<Uint8Array>; /** * Derive one public key from a secret key. * @param secretKey - Secret key bytes. * @returns Public key bytes. */ getPublicKey: (secretKey: TArg<Uint8Array>) => TRet<Uint8Array>; /** Utility helpers for secret-key generation. */ utils: { /** Generate one random secret key with the curve's expected byte length. */ randomSecretKey: () => TRet<Uint8Array>; }; /** Encoded Montgomery base point `u`. */ GuBytes: TRet<Uint8Array>; /** Public lengths for keys and seeds. */ lengths: CurveLengths; /** * Generate one random secret/public keypair. * @param seed - Optional seed bytes to use instead of random generation. * @returns Fresh secret/public keypair. */ keygen: (seed?: TArg<Uint8Array>) => { secretKey: TRet<Uint8Array>; publicKey: TRet<Uint8Array>; }; }; /** * @param curveDef - Montgomery curve definition. * @returns ECDH helper namespace. * @throws If the curve definition or derived shared point is invalid. {@link Error} * @example * Perform one X25519 key exchange through the generic Montgomery helper. * * ```ts * import { x25519 } from '@noble/curves/ed25519.js'; * const alice = x25519.keygen(); * const shared = x25519.getSharedSecret(alice.secretKey, alice.publicKey); * ``` */ export declare function montgomery(curveDef: TArg<MontgomeryOpts>): TRet<MontgomeryECDH>; //# sourceMappingURL=montgomery.d.ts.map