Go to file
juanelas 04cad8250b fixed browser tests 2020-04-21 02:41:32 +02:00
.github/workflows more tests. Fixed some bugs. Added github actions 2020-04-21 00:50:53 +02:00
build fixed doc 2020-04-21 01:33:41 +02:00
examples Examples of code 2020-04-08 17:10:22 +02:00
lib fixed browser tests 2020-04-21 02:41:32 +02:00
src fixed browser tests 2020-04-21 02:41:32 +02:00
test fixed browser tests 2020-04-21 02:41:32 +02:00
types more tests. Fixed some bugs. Added github actions 2020-04-21 00:50:53 +02:00
.gitignore more tests. Fixed some bugs. Added github actions 2020-04-21 00:50:53 +02:00
.npmignore more tests. Fixed some bugs. Added github actions 2020-04-21 00:50:53 +02:00
LICENSE working with worker file 2019-04-19 09:42:28 +02:00
README.md fixed doc 2020-04-21 01:33:41 +02:00
package-lock.json more tests. Fixed some bugs. Added github actions 2020-04-21 00:50:53 +02:00
package.json better description 2020-04-21 00:53:58 +02:00

README.md

License: MIT JavaScript Style Guide Node CI Coverage Status

bigint-crypto-utils

Arbitrary precision modular arithmetic, cryptographically secure random numbers and strong probable prime generation/testing.

It relies on the native JS implementation of (BigInt). It can be used by any Web Browser or webview supporting BigInt and with Node.js (>=10.4.0). The bundles can be imported directly by the browser or in Angular projects, React apps, Node.js, etc.

Secure random numbers are generated using the native crypto implementation of the browsers (Web Cryptography API) or Node.js Crypto). Strong probable prime generation and testing use Miller-Rabin primality tests and are automatically sped up using parallel workers both in browsers and Node.js.

The operations supported on BigInts are not constant time. BigInt can be therefore unsuitable for use in cryptography. Many platforms provide native support for cryptography, such as Web Cryptography API or Node.js Crypto.

Installation

bigint-crypto-utils can be imported to your project with npm:

npm install bigint-crypto-utils

NPM installation defaults to the ES6 module for browsers and the CJS one for Node.js. For web browsers, you can also directly download the IIFE bundle or the ESM bundle from the repository.

Usage examples

Import your module as :

  • Node.js

    const bigintCryptoUtils = require('bigint-crypto-utils')
    ... // your code here
    
  • JavaScript native or TypeScript project (including React and Angular JS)

    import * as bigintCryptoUtils from 'bigint-crypto-utils'
    ... // your code here
    

    BigInt is ES-2020. In order to use it with TypeScript you should set lib (and probably also target and module) to esnext in tsconfig.json. bigint-crypto-utils CANNOT BE POLYFILLED to suport older browsers. If you are using webpack/babel to create your production bundles, you should target only the most modern browsers. For instance, for React apps created with create-react-app, you should edit your package.json and modify the browserList so that it only targets the latest browsers (supporting the latest features):

    "browserslist": {
      "production": [
        "last 1 chrome version",
        "last 1 firefox version",
        "last 1 safari version"
      ],
      "development": [
        "last 1 chrome version",
        "last 1 firefox version",
        "last 1 safari version"
      ]
    }
    

    Also, notice that BigInt is ES-2020. In order to use it with TypeScript you should set lib (and probably also target and module) to esnext in tsconfig.json.

  • JavaScript native browser ES module

    <script type="module">
       import * as bigintCryptoUtils from 'lib/index.browser.bundle.mod.js'  // Use you actual path to the broser mod bundle
       ... // your code here
     </script>
    
  • JavaScript native browser IIFE

    <head>
      ...
      <script src="../../lib/index.browser.bundle.js"></script> <!-- Use you actual path to the browser bundle -->
    </head>
    <body>
      ...
      <script>
        ... // your code here
      </script>
    </body>
    

An example of usage could be:

/* A BigInt with value 666 can be declared calling the bigint constructor as 
BigInt('666') or with the shorter 666n.
Notice that you can also pass a number to the constructor, e.g. BigInt(666). 
However, it is not recommended since values over 2**53 - 1 won't be safe but 
no warning will be raised.
*/
const a = BigInt('5')
const b = BigInt('2')
const n = 19n

console.log(bigintCryptoUtils.modPow(a, b, n)) // prints 6

console.log(bigintCryptoUtils.modInv(2n, 5n)) // prints 3

console.log(bigintCryptoUtils.modInv(BigInt('3'), BigInt('5'))) // prints 2

console.log(bigintCryptoUtils.randBetween(2n ** 256n)) // Prints a cryptographically secure random number between 1 and 2**256 bits.

async function primeTesting () {
  // Output of a probable prime of 2048 bits
  console.log(await bigintCryptoUtils.prime(2048))

  // Testing if a number is a probable prime (Miller-Rabin)
  const number = 27n
  const isPrime = await bigintCryptoUtils.isProbablyPrime(number)
  if (isPrime) {
    console.log(`${number} is prime`)
  } else {
    console.log(`${number} is composite`)
  }
}

primeTesting()

You can find examples in the examples folder of the repository.

API reference documentation

Functions

abs(a)bigint

Absolute value. abs(a)==a if a>=0. abs(a)==-a if a<0

bitLength(a)number

Returns the bitlength of a number

eGcd(a, b)egcdReturn

An iterative implementation of the extended euclidean algorithm or extended greatest common divisor algorithm. Take positive integers a, b as input, and return a triple (g, x, y), such that ax + by = g = gcd(a, b).

gcd(a, b)bigint

Greatest-common divisor of two integers based on the iterative binary algorithm.

lcm(a, b)bigint

The least common multiple computed as abs(a*b)/gcd(a,b)

max(a, b)bigint

Maximum. max(a,b)==a if a>=b. max(a,b)==b if a<=b

min(a, b)bigint

Minimum. min(a,b)==b if a>=b. min(a,b)==a if a<=b

modInv(a, n)bigint | NaN

Modular inverse.

modPow(b, e, n)bigint

Modular exponentiation b**e mod n. Currently using the right-to-left binary method

toZn(a, n)bigint

Finds the smallest positive element that is congruent to a in modulo n

isProbablyPrime(w, [iterations], [disableWorkers])Promise.<boolean>

The test first tries if any of the first 250 small primes are a factor of the input number and then passes several iterations of Miller-Rabin Probabilistic Primality Test (FIPS 186-4 C.3.1)

prime(bitLength, [iterations])Promise.<bigint>

A probably-prime (Miller-Rabin), cryptographically-secure, random-number generator. The browser version uses web workers to parallelise prime look up. Therefore, it does not lock the UI main process, and it can be much faster (if several cores or cpu are available). The node version can also use worker_threads if they are available (enabled by default with Node 11 and and can be enabled at runtime executing node --experimental-worker with node >=10.5.0).

primeSync(bitLength, [iterations])bigint

A probably-prime (Miller-Rabin), cryptographically-secure, random-number generator. The sync version is NOT RECOMMENDED since it won't use workers and thus it'll be slower and may freeze thw window in browser's javascript. Please consider using prime() instead.

randBetween(max, [min])bigint

Returns a cryptographically secure random integer between [min,max]. Both numbers must be >=0

randBits(bitLength, [forceLength])Promise.<(Buffer|Uint8Array)>

Secure random bits for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()

randBitsSync(bitLength, [forceLength])Buffer | Uint8Array

Secure random bits for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()

randBytes(byteLength, [forceLength])Promise.<(Buffer|Uint8Array)>

Secure random bytes for both node and browsers. Node version uses crypto.randomBytes() and browser one self.crypto.getRandomValues()

randBytesSync(byteLength, [forceLength])Buffer | Uint8Array

Secure random bytes for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()

Typedefs

egcdReturn : Object

A triple (g, x, y), such that ax + by = g = gcd(a, b).

abs(a) ⇒ bigint

Absolute value. abs(a)==a if a>=0. abs(a)==-a if a<0

Kind: global function
Returns: bigint - the absolute value of a

Param Type
a number | bigint

bitLength(a) ⇒ number

Returns the bitlength of a number

Kind: global function
Returns: number - - the bit length

Param Type
a number | bigint

eGcd(a, b) ⇒ egcdReturn

An iterative implementation of the extended euclidean algorithm or extended greatest common divisor algorithm. Take positive integers a, b as input, and return a triple (g, x, y), such that ax + by = g = gcd(a, b).

Kind: global function
Returns: egcdReturn - A triple (g, x, y), such that ax + by = g = gcd(a, b).

Param Type
a number | bigint
b number | bigint

gcd(a, b) ⇒ bigint

Greatest-common divisor of two integers based on the iterative binary algorithm.

Kind: global function
Returns: bigint - The greatest common divisor of a and b

Param Type
a number | bigint
b number | bigint

lcm(a, b) ⇒ bigint

The least common multiple computed as abs(a*b)/gcd(a,b)

Kind: global function
Returns: bigint - The least common multiple of a and b

Param Type
a number | bigint
b number | bigint

max(a, b) ⇒ bigint

Maximum. max(a,b)==a if a>=b. max(a,b)==b if a<=b

Kind: global function
Returns: bigint - maximum of numbers a and b

Param Type
a number | bigint
b number | bigint

min(a, b) ⇒ bigint

Minimum. min(a,b)==b if a>=b. min(a,b)==a if a<=b

Kind: global function
Returns: bigint - minimum of numbers a and b

Param Type
a number | bigint
b number | bigint

modInv(a, n) ⇒ bigint | NaN

Modular inverse.

Kind: global function
Returns: bigint | NaN - the inverse modulo n or NaN if it does not exist

Param Type Description
a number | bigint The number to find an inverse for
n number | bigint The modulo

modPow(b, e, n) ⇒ bigint

Modular exponentiation b**e mod n. Currently using the right-to-left binary method

Kind: global function
Returns: bigint - b**e mod n

Param Type Description
b number | bigint base
e number | bigint exponent
n number | bigint modulo

toZn(a, n) ⇒ bigint

Finds the smallest positive element that is congruent to a in modulo n

Kind: global function
Returns: bigint - The smallest positive representation of a in modulo n

Param Type Description
a number | bigint An integer
n number | bigint The modulo

isProbablyPrime(w, [iterations], [disableWorkers]) ⇒ Promise.<boolean>

The test first tries if any of the first 250 small primes are a factor of the input number and then passes several iterations of Miller-Rabin Probabilistic Primality Test (FIPS 186-4 C.3.1)

Kind: global function
Returns: Promise.<boolean> - A promise that resolves to a boolean that is either true (a probably prime number) or false (definitely composite)

Param Type Default Description
w number | bigint An integer to be tested for primality
[iterations] number 16 The number of iterations for the primality test. The value shall be consistent with Table C.1, C.2 or C.3
[disableWorkers] boolean false Disable the use of workers for the primality test

prime(bitLength, [iterations]) ⇒ Promise.<bigint>

A probably-prime (Miller-Rabin), cryptographically-secure, random-number generator. The browser version uses web workers to parallelise prime look up. Therefore, it does not lock the UI main process, and it can be much faster (if several cores or cpu are available). The node version can also use worker_threads if they are available (enabled by default with Node 11 and and can be enabled at runtime executing node --experimental-worker with node >=10.5.0).

Kind: global function
Returns: Promise.<bigint> - A promise that resolves to a bigint probable prime of bitLength bits.

Param Type Default Description
bitLength number The required bit length for the generated prime
[iterations] number 16 The number of iterations for the Miller-Rabin Probabilistic Primality Test

primeSync(bitLength, [iterations]) ⇒ bigint

A probably-prime (Miller-Rabin), cryptographically-secure, random-number generator. The sync version is NOT RECOMMENDED since it won't use workers and thus it'll be slower and may freeze thw window in browser's javascript. Please consider using prime() instead.

Kind: global function
Returns: bigint - A bigint probable prime of bitLength bits.

Param Type Default Description
bitLength number The required bit length for the generated prime
[iterations] number 16 The number of iterations for the Miller-Rabin Probabilistic Primality Test

randBetween(max, [min]) ⇒ bigint

Returns a cryptographically secure random integer between [min,max]. Both numbers must be >=0

Kind: global function
Returns: bigint - A cryptographically secure random bigint between [min,max]

Param Type Default Description
max bigint Returned value will be <= max
[min] bigint BigInt(1) Returned value will be >= min

randBits(bitLength, [forceLength]) ⇒ Promise.<(Buffer|Uint8Array)>

Secure random bits for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()

Kind: global function
Returns: Promise.<(Buffer|Uint8Array)> - A Promise that resolves to a Buffer/UInt8Array (Node.js/Browser) filled with cryptographically secure random bits

Param Type Default Description
bitLength number The desired number of random bits
[forceLength] boolean false If we want to force the output to have a specific bit length. It basically forces the msb to be 1

randBitsSync(bitLength, [forceLength]) ⇒ Buffer | Uint8Array

Secure random bits for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()

Kind: global function
Returns: Buffer | Uint8Array - A Buffer/UInt8Array (Node.js/Browser) filled with cryptographically secure random bits

Param Type Default Description
bitLength number The desired number of random bits
[forceLength] boolean false If we want to force the output to have a specific bit length. It basically forces the msb to be 1

randBytes(byteLength, [forceLength]) ⇒ Promise.<(Buffer|Uint8Array)>

Secure random bytes for both node and browsers. Node version uses crypto.randomBytes() and browser one self.crypto.getRandomValues()

Kind: global function
Returns: Promise.<(Buffer|Uint8Array)> - A promise that resolves to a Buffer/UInt8Array (Node.js/Browser) filled with cryptographically secure random bytes

Param Type Default Description
byteLength number The desired number of random bytes
[forceLength] boolean false If we want to force the output to have a bit length of 8*byteLength. It basically forces the msb to be 1

randBytesSync(byteLength, [forceLength]) ⇒ Buffer | Uint8Array

Secure random bytes for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()

Kind: global function
Returns: Buffer | Uint8Array - A Buffer/UInt8Array (Node.js/Browser) filled with cryptographically secure random bytes

Param Type Default Description
byteLength number The desired number of random bytes
[forceLength] boolean false If we want to force the output to have a bit length of 8*byteLength. It basically forces the msb to be 1

egcdReturn : Object

A triple (g, x, y), such that ax + by = g = gcd(a, b).

Kind: global typedef
Properties

Name Type
g bigint
x bigint
y bigint