Release 0.2.0.

2022-12-15 21:42:30 +00:00 · 2022-12-15 21:42:30 +00:00 · 0592b16a49
commit 0592b16a49
parent fbf85ce732
4 changed files with 47 additions and 23 deletions
--- a/README.md
+++ b/README.md
@ -47,29 +47,47 @@ npm install @noble/curves

 ```ts
 import { weierstrass } from '@noble/curves/weierstrass'; // Short Weierstrass curve
-import { twistedEdwards } from '@noble/curves/edwards'; // Twisted Edwards curve
 import { sha256 } from '@noble/hashes/sha256';
 import { hmac } from '@noble/hashes/hmac';
 import { concatBytes, randomBytes } from '@noble/hashes/utils';

-export const secp256k1 = shortw({
+const secp256k1 = weierstrass({
  a: 0n,
  b: 7n,
-  // Field over which we'll do calculations
-  P: 2n ** 256n - 2n ** 32n - 2n ** 9n - 2n ** 8n - 2n ** 7n - 2n ** 6n - 2n ** 4n - 1n,
-  // Curve order, total count of valid points in the field
+  P: 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2fn,
  n: 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141n,
-  // Base point (x, y) aka generator point
  Gx: 55066263022277343669578718895168534326250603453777594175500187360389116729240n,
  Gy: 32670510020758816978083085130507043184471273380659243275938904335757337482424n,
  hash: sha256,
  hmac: (k: Uint8Array, ...msgs: Uint8Array[]) => hmac(sha256, key, concatBytes(...msgs)),
-  randomBytes: randomBytes
+  randomBytes
 });

-// secp256k1.getPublicKey(priv)
-// secp256k1.sign(msg, priv)
+secp256k1.getPublicKey(secp256k1.utils.randomPrivateKey());
+secp256k1.sign(randomBytes(32), secp256k1.utils.randomPrivateKey());
 // secp256k1.verify(sig, msg, pub)
+
+import { twistedEdwards } from '@noble/curves/edwards'; // Twisted Edwards curve
+import { sha512 } from '@noble/hashes/sha512';
+
+const ed25519 = twistedEdwards({
+  a: -1n,
+  d: 37095705934669439343138083508754565189542113879843219016388785533085940283555n,
+  P: 57896044618658097711785492504343953926634992332820282019728792003956564819949n,
+  n: 7237005577332262213973186563042994240857116359379907606001950938285454250989n,
+  h: 8n,
+  Gx: 15112221349535400772501151409588531511454012693041857206046113283949847762202n,
+  Gy: 46316835694926478169428394003475163141307993866256225615783033603165251855960n,
+  hash: sha512,
+  randomBytes,
+  adjustScalarBytes(bytes) { // could be no-op
+    bytes[0] &= 248;
+    bytes[31] &= 127;
+    bytes[31] |= 64;
+    return bytes;
+  },
+} as const);
+ed25519.getPublicKey(ed25519.utils.randomPrivateKey());
 ```

 ## Performance
--- a/curve-definitions/package.json
+++ b/curve-definitions/package.json
@ -1,6 +1,6 @@
 {
  "name": "micro-curve-definitions",
-  "version": "0.1.0",
+  "version": "0.2.0",
  "description": "Curve definitions for @noble/curves",
  "files": [
    "lib"
@ -10,7 +10,7 @@
  "module": "lib/index.js",
  "types": "lib/index.d.ts",
  "dependencies": {
-    "@noble/curves": "file:../",
+    "@noble/curves": "0.2.0",
    "@noble/hashes": "1.1.5"
  },
  "devDependencies": {
--- a/curve-definitions/src/ed25519.ts
+++ b/curve-definitions/src/ed25519.ts
@ -49,14 +49,18 @@ function ed25519_pow_2_252_3(x: bigint) {
  // ^ To pow to (p+3)/8, multiply it by x.
  return { pow_p_5_8, b2 };
 }
+
+/**
+ * For X25519, in order to decode 32 random bytes as an integer scalar,
+ * set the
+ * three least significant bits of the first byte 0b1111_1000,
+ * and the most significant bit of the last to zero 0b0111_1111,
+ * set the second most significant bit of the last byte to 1 0b0100_0000
+ */
 function adjustScalarBytes(bytes: Uint8Array): Uint8Array {
-  // Section 5: For X25519, in order to decode 32 random bytes as an integer scalar,
-  // set the three least significant bits of the first byte
-  bytes[0] &= 248; // 0b1111_1000
-  // and the most significant bit of the last to zero,
-  bytes[31] &= 127; // 0b0111_1111
-  // set the second most significant bit of the last byte to 1
-  bytes[31] |= 64; // 0b0100_0000
+  bytes[0] &= 248;
+  bytes[31] &= 127;
+  bytes[31] |= 64;
  return bytes;
 }
 // sqrt(u/v)
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "@noble/curves",
-  "version": "0.1.0",
+  "version": "0.2.0",
  "description": "Minimal, zero-dependency JS implementation of elliptic curve cryptography",
  "files": [
    "index.js",
@ -63,14 +63,16 @@
    "curve",
    "cryptography",
    "hyperelliptic",
+    "weierstrass",
+    "edwards",
+    "montgomery",
+    "secp256k1",
+    "ed25519",
+    "ed448",
    "p256",
    "p384",
    "p521",
    "nist",
-    "weierstrass",
-    "edwards",
-    "montgomery",
-    "hashes",
    "ecc",
    "ecdsa",
    "eddsa",