首頁 探索 說明
註冊 登入
seven
/
bot-28
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: 8769530256
分支列表 標籤列表
bot-28
/
node
/
node_modules
/
@noble
/
curves
/
src
/
p521.ts

p521.ts 2.4 KB
文件歷史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
    2. 

  2. import { sha512 } from '@noble/hashes/sha512';
    3. 

  3. import { createCurve } from './_shortw_utils.js';
    4. 

  4. import { createHasher } from './abstract/hash-to-curve.js';
    5. 

  5. import { Field } from './abstract/modular.js';
    6. 

  6. import { mapToCurveSimpleSWU } from './abstract/weierstrass.js';
    7. 

  7. 

  8. // NIST secp521r1 aka p521
    9. 

  9. // Note that it's 521, which differs from 512 of its hash function.
    10. 

  10. // https://www.secg.org/sec2-v2.pdf, https://neuromancer.sk/std/nist/P-521
    11. 

  11. 

  12. // Field over which we'll do calculations.
    13. 

  13. // prettier-ignore
    14. 

  14. const P = BigInt('0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff');
    15. 

  15. const Fp = Field(P);
    16. 

  16. 

  17. const CURVE = {
    18. 

  18.   a: Fp.create(BigInt('-3')),
    19. 

  19.   b: BigInt(
    20. 

  20.     '0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00'
    21. 

  21.   ),
    22. 

  22.   Fp,
    23. 

  23.   n: BigInt(
    24. 

  24.     '0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409'
    25. 

  25.   ),
    26. 

  26.   Gx: BigInt(
    27. 

  27.     '0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66'
    28. 

  28.   ),
    29. 

  29.   Gy: BigInt(
    30. 

  30.     '0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650'
    31. 

  31.   ),
    32. 

  32.   h: BigInt(1),
    33. 

  33. };
    34. 

  34. 

  35. // prettier-ignore
    36. 

  36. export const p521 = createCurve({
    37. 

  37.   a: CURVE.a, // Equation params: a, b
    38. 

  38.   b: CURVE.b,
    39. 

  39.   Fp, // Field: 2n**521n - 1n
    40. 

  40.   // Curve order, total count of valid points in the field
    41. 

  41.   n: CURVE.n,
    42. 

  42.   Gx: CURVE.Gx, // Base point (x, y) aka generator point
    43. 

  43.   Gy: CURVE.Gy,
    44. 

  44.   h: CURVE.h,
    45. 

  45.   lowS: false,
    46. 

  46.   allowedPrivateKeyLengths: [130, 131, 132] // P521 keys are variable-length. Normalize to 132b
    47. 

  47. } as const, sha512);
    48. 

  48. export const secp521r1 = p521;
    49. 

  49. 

  50. const mapSWU = /* @__PURE__ */ (() =>
    51. 

  51.   mapToCurveSimpleSWU(Fp, {
    52. 

  52.     A: CURVE.a,
    53. 

  53.     B: CURVE.b,
    54. 

  54.     Z: Fp.create(BigInt('-4')),
    55. 

  55.   }))();
    56. 

  56. 

  57. const htf = /* @__PURE__ */ (() =>
    58. 

  58.   createHasher(secp521r1.ProjectivePoint, (scalars: bigint[]) => mapSWU(scalars[0]), {
    59. 

  59.     DST: 'P521_XMD:SHA-512_SSWU_RO_',
    60. 

  60.     encodeDST: 'P521_XMD:SHA-512_SSWU_NU_',
    61. 

  61.     p: Fp.ORDER,
    62. 

  62.     m: 1,
    63. 

  63.     k: 256,
    64. 

  64.     expand: 'xmd',
    65. 

  65.     hash: sha512,
    66. 

  66.   }))();
    67. 

  67. export const hashToCurve = /* @__PURE__ */ (() => htf.hashToCurve)();
    68. 

  68. export const encodeToCurve = /* @__PURE__ */ (() => htf.encodeToCurve)();
    69.