67 lines
3.0 KiB
JavaScript
67 lines
3.0 KiB
JavaScript
"use strict";
|
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
exports.PrivateKey = void 0;
|
|
var utils_1 = require("@noble/ciphers/utils");
|
|
var utils_2 = require("../utils");
|
|
var PublicKey_1 = require("./PublicKey");
|
|
var PrivateKey = /** @class */ (function () {
|
|
function PrivateKey(secret, curve) {
|
|
this.curve = curve;
|
|
if (secret === undefined) {
|
|
this.data = (0, utils_2.getValidSecret)(curve);
|
|
}
|
|
else if ((0, utils_2.isValidPrivateKey)(secret, curve)) {
|
|
this.data = secret;
|
|
}
|
|
else {
|
|
throw new Error("Invalid private key");
|
|
}
|
|
this.publicKey = new PublicKey_1.PublicKey((0, utils_2.getPublicKey)(this.data, curve), curve);
|
|
}
|
|
PrivateKey.fromHex = function (hex, curve) {
|
|
return new PrivateKey((0, utils_2.decodeHex)(hex), curve);
|
|
};
|
|
Object.defineProperty(PrivateKey.prototype, "secret", {
|
|
/** @description From version 0.5.0, `Uint8Array` will be returned instead of `Buffer`. */
|
|
get: function () {
|
|
// TODO: Uint8Array
|
|
return Buffer.from(this.data);
|
|
},
|
|
enumerable: false,
|
|
configurable: true
|
|
});
|
|
PrivateKey.prototype.toHex = function () {
|
|
return (0, utils_1.bytesToHex)(this.data);
|
|
};
|
|
/**
|
|
* Derives a shared secret from ephemeral private key (this) and receiver's public key (pk).
|
|
* @description The shared key is 32 bytes, derived with `HKDF-SHA256(senderPoint || sharedPoint)`. See implementation for details.
|
|
*
|
|
* There are some variations in different ECIES implementations:
|
|
* which key derivation function to use, compressed or uncompressed `senderPoint`/`sharedPoint`, whether to include `senderPoint`, etc.
|
|
*
|
|
* Because the entropy of `senderPoint`, `sharedPoint` is enough high[1], we don't need salt to derive keys.
|
|
*
|
|
* [1]: Two reasons: the public keys are "random" bytes (albeit secp256k1 public keys are **not uniformly** random), and ephemeral keys are generated in every encryption.
|
|
*
|
|
* @param pk - Receiver's public key.
|
|
* @param compressed - (default: `false`) Whether to use compressed or uncompressed public keys in the key derivation (secp256k1 only).
|
|
* @returns Shared secret, derived with HKDF-SHA256.
|
|
*/
|
|
PrivateKey.prototype.encapsulate = function (pk, compressed) {
|
|
if (compressed === void 0) { compressed = false; }
|
|
var senderPoint = this.publicKey.toBytes(compressed);
|
|
var sharedPoint = this.multiply(pk, compressed);
|
|
return (0, utils_2.getSharedKey)(senderPoint, sharedPoint);
|
|
};
|
|
PrivateKey.prototype.multiply = function (pk, compressed) {
|
|
if (compressed === void 0) { compressed = false; }
|
|
return (0, utils_2.getSharedPoint)(this.data, pk.toBytes(true), compressed, this.curve);
|
|
};
|
|
PrivateKey.prototype.equals = function (other) {
|
|
return (0, utils_1.equalBytes)(this.data, other.data);
|
|
};
|
|
return PrivateKey;
|
|
}());
|
|
exports.PrivateKey = PrivateKey;
|