diff --git a/package.json b/package.json index 44532c665..8e69c4d8d 100644 --- a/package.json +++ b/package.json @@ -10,8 +10,8 @@ }, "dependencies": { "@adraffy/ens-normalize": "1.9.2", - "@noble/hashes": "1.1.2", - "@noble/secp256k1": "1.7.1", + "@noble/hashes": "1.3.1", + "@noble/curves": "1.1.0", "@types/node": "18.15.13", "aes-js": "4.0.0-beta.5", "tslib": "2.4.0", diff --git a/src.ts/crypto/signing-key.ts b/src.ts/crypto/signing-key.ts index d92f5e9c7..b23e0eb2c 100644 --- a/src.ts/crypto/signing-key.ts +++ b/src.ts/crypto/signing-key.ts @@ -4,14 +4,13 @@ * @_subsection: api/crypto:Signing [about-signing] */ -import * as secp256k1 from "@noble/secp256k1"; +import { secp256k1 } from "@noble/curves/secp256k1"; import { concat, dataLength, getBytes, getBytesCopy, hexlify, toBeHex, assertArgument } from "../utils/index.js"; -import { computeHmac } from "./hmac.js"; import { Signature } from "./signature.js"; import type { BytesLike } from "../utils/index.js"; @@ -19,13 +18,6 @@ import type { BytesLike } from "../utils/index.js"; import type { SignatureLike } from "./index.js"; -//const N = BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"); - -// Make noble-secp256k1 sync -secp256k1.utils.hmacSha256Sync = function(key: Uint8Array, ...messages: Array): Uint8Array { - return getBytes(computeHmac("sha256", key, concat(messages))); -} - /** * A **SigningKey** provides high-level access to the elliptic curve * cryptography (ECC) operations and key management. @@ -69,16 +61,14 @@ export class SigningKey { sign(digest: BytesLike): Signature { assertArgument(dataLength(digest) === 32, "invalid digest length", "digest", digest); - const [ sigDer, recid ] = secp256k1.signSync(getBytesCopy(digest), getBytesCopy(this.#privateKey), { - recovered: true, - canonical: true + const sig = secp256k1.sign(getBytesCopy(digest), getBytesCopy(this.#privateKey), { + lowS: true }); - const sig = secp256k1.Signature.fromHex(sigDer); return Signature.from({ - r: toBeHex("0x" + sig.r.toString(16), 32), - s: toBeHex("0x" + sig.s.toString(16), 32), - v: (recid ? 0x1c: 0x1b) + r: toBeHex(sig.r, 32), + s: toBeHex(sig.s, 32), + v: (sig.recovery ? 0x1c: 0x1b) }); } @@ -106,7 +96,7 @@ export class SigningKey { */ computeSharedSecret(other: BytesLike): string { const pubKey = SigningKey.computePublicKey(other); - return hexlify(secp256k1.getSharedSecret(getBytesCopy(this.#privateKey), getBytes(pubKey))); + return hexlify(secp256k1.getSharedSecret(getBytesCopy(this.#privateKey), getBytes(pubKey), false)); } /** @@ -151,7 +141,7 @@ export class SigningKey { bytes = pub; } - const point = secp256k1.Point.fromHex(bytes); + const point = secp256k1.ProjectivePoint.fromHex(bytes); return hexlify(point.toRawBytes(compressed)); } @@ -177,12 +167,14 @@ export class SigningKey { assertArgument(dataLength(digest) === 32, "invalid digest length", "digest", digest); const sig = Signature.from(signature); - const der = secp256k1.Signature.fromCompact(getBytesCopy(concat([ sig.r, sig.s ]))).toDERRawBytes(); - const pubKey = secp256k1.recoverPublicKey(getBytesCopy(digest), der, sig.yParity); + let secpSig = secp256k1.Signature.fromCompact(getBytesCopy(concat([ sig.r, sig.s ]))); + secpSig = secpSig.addRecoveryBit(sig.yParity); + + const pubKey = secpSig.recoverPublicKey(getBytesCopy(digest)); assertArgument(pubKey != null, "invalid signautre for digest", "signature", signature); - return hexlify(pubKey); + return "0x" + pubKey.toHex(false); } /** @@ -196,8 +188,8 @@ export class SigningKey { * addresses from parent public keys and chain codes. */ static addPoints(p0: BytesLike, p1: BytesLike, compressed?: boolean): string { - const pub0 = secp256k1.Point.fromHex(SigningKey.computePublicKey(p0).substring(2)); - const pub1 = secp256k1.Point.fromHex(SigningKey.computePublicKey(p1).substring(2)); + const pub0 = secp256k1.ProjectivePoint.fromHex(SigningKey.computePublicKey(p0).substring(2)); + const pub1 = secp256k1.ProjectivePoint.fromHex(SigningKey.computePublicKey(p1).substring(2)); return "0x" + pub0.add(pub1).toHex(!!compressed) } }