5022ebef3e | ||
---|---|---|
build | ||
examples | ||
lib | ||
src | ||
test | ||
types | ||
.gitignore | ||
.npmignore | ||
LICENSE | ||
README.md | ||
package-lock.json | ||
package.json |
README.md
bigint-crypto-utils
Utils for working with cryptography using native JS (ES-2020) implementation of BigInt. It includes some extra functions to work with modular arithmetic along with secure random numbers and a fast strong probable prime generator/tester (parallelized multi-threaded Miller-Rabin primality tests if workers are supported). It can be used by any Web Browser or webview supporting BigInt and with Node.js (>=10.4.0).
The operations supported on BigInts are not constant time. BigInt can be therefore unsuitable for use in cryptography. Many platforms provide native support for cryptography, such as Web Cryptography API or Node.js Crypto.
Installation
bigint-crypto-utils is distributed for web browsers and/or webviews supporting BigInt as an ES6 module or an IIFE file; and for Node.js (>=10.4.0), as a CJS module.
bigint-crypto-utils can be imported to your project with npm
:
npm install bigint-crypto-utils
NPM installation defaults to the ES6 module for browsers and the CJS one for Node.js.
For web browsers, you can also directly download the IIFE bundle or the ES6 bundle module from GitHub.
Usage examples
Import your module as :
- Node.js
const bigintCryptoUtils = require('bigint-crypto-utils') ... // your code here
- JavaScript native or TypeScript project
import * as bigintCryptoUtils from 'bigint-crypto-utils' ... // your code here
BigInt is ES-2020. In order to use it with TypeScript you should set
lib
(and probably alsotarget
andmodule
) toesnext
intsconfig.json
. - JavaScript native browser ES6 mod
<script type="module"> import * as bigintCryptoUtils from 'lib/index.browser.bundle.mod.js' // Use you actual path to the broser mod bundle ... // your code here </script>
- JavaScript native browser IIFE
<head> ... <script src="../../lib/index.browser.bundle.js"></script> <!-- Use you actual path to the browser bundle --> </head> <body> ... <script> ... // your code here </script> </body>
An example of usage could be:
/* A BigInt with value 666 can be declared calling the bigint constructor as
BigInt('666') or with the shorter 666n.
Notice that you can also pass a number to the constructor, e.g. BigInt(666).
However, it is not recommended since values over 2**53 - 1 won't be safe but
no warning will be raised.
*/
const a = BigInt('5')
const b = BigInt('2')
const n = 19n
console.log(bigintCryptoUtils.modPow(a, b, n)) // prints 6
console.log(bigintCryptoUtils.modInv(2n, 5n)) // prints 3
console.log(bigintCryptoUtils.modInv(BigInt('3'), BigInt('5'))) // prints 2
console.log(bigintCryptoUtils.randBetween(2n ** 256n)) // Prints a cryptographically secure random number between 1 and 2**256 bits.
async function primeTesting () {
// Output of a probable prime of 2048 bits
console.log(await bigintCryptoUtils.prime(2048))
// Testing if a number is a probable prime (Miller-Rabin)
const number = 27n
const isPrime = await bigintCryptoUtils.isProbablyPrime(number)
if (isPrime) {
console.log(`${number} is prime`)
} else {
console.log(`${number} is composite`)
}
}
primeTesting()
You can find examples in the examples folder of the repository.
API reference documentation
Functions
- abs(a) ⇒
bigint
Absolute value. abs(a)==a if a>=0. abs(a)==-a if a<0
- bitLength(a) ⇒
number
Returns the bitlength of a number
- eGcd(a, b) ⇒
egcdReturn
An iterative implementation of the extended euclidean algorithm or extended greatest common divisor algorithm. Take positive integers a, b as input, and return a triple (g, x, y), such that ax + by = g = gcd(a, b).
- gcd(a, b) ⇒
bigint
Greatest-common divisor of two integers based on the iterative binary algorithm.
- lcm(a, b) ⇒
bigint
The least common multiple computed as abs(a*b)/gcd(a,b)
- max(a, b) ⇒
bigint
Maximum. max(a,b)==a if a>=b. max(a,b)==b if a<=b
- min(a, b) ⇒
bigint
Minimum. min(a,b)==b if a>=b. min(a,b)==a if a<=b
- modInv(a, n) ⇒
bigint
Modular inverse.
- modPow(b, e, n) ⇒
bigint
Modular exponentiation b**e mod n. Currently using the right-to-left binary method
- toZn(a, n) ⇒
bigint
Finds the smallest positive element that is congruent to a in modulo n
- isProbablyPrime(w, [iterations]) ⇒
Promise.<boolean>
The test first tries if any of the first 250 small primes are a factor of the input number and then passes several iterations of Miller-Rabin Probabilistic Primality Test (FIPS 186-4 C.3.1)
- prime(bitLength, [iterations]) ⇒
Promise.<bigint>
A probably-prime (Miller-Rabin), cryptographically-secure, random-number generator. The browser version uses web workers to parallelise prime look up. Therefore, it does not lock the UI main process, and it can be much faster (if several cores or cpu are available). The node version can also use worker_threads if they are available (enabled by default with Node 11 and and can be enabled at runtime executing node --experimental-worker with node >=10.5.0).
- primeSync(bitLength, [iterations]) ⇒
bigint
A probably-prime (Miller-Rabin), cryptographically-secure, random-number generator. The sync version is NOT RECOMMENDED since it won't use workers and thus it'll be slower and may freeze thw window in browser's javascript. Please consider using prime() instead.
- randBetween(max, [min]) ⇒
bigint
Returns a cryptographically secure random integer between [min,max]
- randBits(bitLength, [forceLength]) ⇒
Promise.<(Buffer|Uint8Array)>
Secure random bits for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()
Since version 3.0.0 this is an async function and a new randBitsSync function has been added. If you are migrating from version 2 call randBitsSync instead.
- randBitsSync(bitLength, [forceLength]) ⇒
Buffer
|Uint8Array
Secure random bits for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()
- randBytes(byteLength, [forceLength]) ⇒
Promise.<(Buffer|Uint8Array)>
Secure random bytes for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()
- randBytesSync(byteLength, [forceLength]) ⇒
Buffer
|Uint8Array
Secure random bytes for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()
Typedefs
- egcdReturn :
Object
A triple (g, x, y), such that ax + by = g = gcd(a, b).
abs(a) ⇒ bigint
Absolute value. abs(a)==a if a>=0. abs(a)==-a if a<0
Kind: global function
Returns: bigint
- the absolute value of a
Param | Type |
---|---|
a | number | bigint |
bitLength(a) ⇒ number
Returns the bitlength of a number
Kind: global function
Returns: number
- - the bit length
Param | Type |
---|---|
a | number | bigint |
eGcd(a, b) ⇒ egcdReturn
An iterative implementation of the extended euclidean algorithm or extended greatest common divisor algorithm. Take positive integers a, b as input, and return a triple (g, x, y), such that ax + by = g = gcd(a, b).
Kind: global function
Returns: egcdReturn
- A triple (g, x, y), such that ax + by = g = gcd(a, b).
Param | Type |
---|---|
a | number | bigint |
b | number | bigint |
gcd(a, b) ⇒ bigint
Greatest-common divisor of two integers based on the iterative binary algorithm.
Kind: global function
Returns: bigint
- The greatest common divisor of a and b
Param | Type |
---|---|
a | number | bigint |
b | number | bigint |
lcm(a, b) ⇒ bigint
The least common multiple computed as abs(a*b)/gcd(a,b)
Kind: global function
Returns: bigint
- The least common multiple of a and b
Param | Type |
---|---|
a | number | bigint |
b | number | bigint |
max(a, b) ⇒ bigint
Maximum. max(a,b)==a if a>=b. max(a,b)==b if a<=b
Kind: global function
Returns: bigint
- maximum of numbers a and b
Param | Type |
---|---|
a | number | bigint |
b | number | bigint |
min(a, b) ⇒ bigint
Minimum. min(a,b)==b if a>=b. min(a,b)==a if a<=b
Kind: global function
Returns: bigint
- minimum of numbers a and b
Param | Type |
---|---|
a | number | bigint |
b | number | bigint |
modInv(a, n) ⇒ bigint
Modular inverse.
Kind: global function
Returns: bigint
- the inverse modulo n or NaN if it does not exist
Param | Type | Description |
---|---|---|
a | number | bigint |
The number to find an inverse for |
n | number | bigint |
The modulo |
modPow(b, e, n) ⇒ bigint
Modular exponentiation b**e mod n. Currently using the right-to-left binary method
Kind: global function
Returns: bigint
- b**e mod n
Param | Type | Description |
---|---|---|
b | number | bigint |
base |
e | number | bigint |
exponent |
n | number | bigint |
modulo |
toZn(a, n) ⇒ bigint
Finds the smallest positive element that is congruent to a in modulo n
Kind: global function
Returns: bigint
- The smallest positive representation of a in modulo n
Param | Type | Description |
---|---|---|
a | number | bigint |
An integer |
n | number | bigint |
The modulo |
isProbablyPrime(w, [iterations]) ⇒ Promise.<boolean>
The test first tries if any of the first 250 small primes are a factor of the input number and then passes several iterations of Miller-Rabin Probabilistic Primality Test (FIPS 186-4 C.3.1)
Kind: global function
Returns: Promise.<boolean>
- A promise that resolves to a boolean that is either true (a probably prime number) or false (definitely composite)
Param | Type | Default | Description |
---|---|---|---|
w | number | bigint |
An integer to be tested for primality | |
[iterations] | number |
16 |
The number of iterations for the primality test. The value shall be consistent with Table C.1, C.2 or C.3 |
prime(bitLength, [iterations]) ⇒ Promise.<bigint>
A probably-prime (Miller-Rabin), cryptographically-secure, random-number generator. The browser version uses web workers to parallelise prime look up. Therefore, it does not lock the UI main process, and it can be much faster (if several cores or cpu are available). The node version can also use worker_threads if they are available (enabled by default with Node 11 and and can be enabled at runtime executing node --experimental-worker with node >=10.5.0).
Kind: global function
Returns: Promise.<bigint>
- A promise that resolves to a bigint probable prime of bitLength bits.
Param | Type | Default | Description |
---|---|---|---|
bitLength | number |
The required bit length for the generated prime | |
[iterations] | number |
16 |
The number of iterations for the Miller-Rabin Probabilistic Primality Test |
primeSync(bitLength, [iterations]) ⇒ bigint
A probably-prime (Miller-Rabin), cryptographically-secure, random-number generator. The sync version is NOT RECOMMENDED since it won't use workers and thus it'll be slower and may freeze thw window in browser's javascript. Please consider using prime() instead.
Kind: global function
Returns: bigint
- A bigint probable prime of bitLength bits.
Param | Type | Default | Description |
---|---|---|---|
bitLength | number |
The required bit length for the generated prime | |
[iterations] | number |
16 |
The number of iterations for the Miller-Rabin Probabilistic Primality Test |
randBetween(max, [min]) ⇒ bigint
Returns a cryptographically secure random integer between [min,max]
Kind: global function
Returns: bigint
- A cryptographically secure random bigint between [min,max]
Param | Type | Default | Description |
---|---|---|---|
max | bigint |
Returned value will be <= max | |
[min] | bigint |
BigInt(1) |
Returned value will be >= min |
randBits(bitLength, [forceLength]) ⇒ Promise.<(Buffer|Uint8Array)>
Secure random bits for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()
Since version 3.0.0 this is an async function and a new randBitsSync function has been added. If you are migrating from version 2 call randBitsSync instead.
Kind: global function
Returns: Promise.<(Buffer|Uint8Array)>
- A Promise that resolves to a Buffer/UInt8Array (Node.js/Browser) filled with cryptographically secure random bits
Since: 3.0.0
Param | Type | Default | Description |
---|---|---|---|
bitLength | number |
The desired number of random bits | |
[forceLength] | boolean |
false |
If we want to force the output to have a specific bit length. It basically forces the msb to be 1 |
randBitsSync(bitLength, [forceLength]) ⇒ Buffer
| Uint8Array
Secure random bits for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()
Kind: global function
Returns: Buffer
| Uint8Array
- A Buffer/UInt8Array (Node.js/Browser) filled with cryptographically secure random bits
Since: 3.0.0
Param | Type | Default | Description |
---|---|---|---|
bitLength | number |
The desired number of random bits | |
[forceLength] | boolean |
false |
If we want to force the output to have a specific bit length. It basically forces the msb to be 1 |
randBytes(byteLength, [forceLength]) ⇒ Promise.<(Buffer|Uint8Array)>
Secure random bytes for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()
Kind: global function
Returns: Promise.<(Buffer|Uint8Array)>
- A promise that resolves to a Buffer/UInt8Array (Node.js/Browser) filled with cryptographically secure random bytes
Param | Type | Default | Description |
---|---|---|---|
byteLength | number |
The desired number of random bytes | |
[forceLength] | boolean |
false |
If we want to force the output to have a bit length of 8*byteLength. It basically forces the msb to be 1 |
randBytesSync(byteLength, [forceLength]) ⇒ Buffer
| Uint8Array
Secure random bytes for both node and browsers. Node version uses crypto.randomFill() and browser one self.crypto.getRandomValues()
Kind: global function
Returns: Buffer
| Uint8Array
- A Buffer/UInt8Array (Node.js/Browser) filled with cryptographically secure random bytes
Param | Type | Default | Description |
---|---|---|---|
byteLength | number |
The desired number of random bytes | |
[forceLength] | boolean |
false |
If we want to force the output to have a bit length of 8*byteLength. It basically forces the msb to be 1 |
egcdReturn : Object
A triple (g, x, y), such that ax + by = g = gcd(a, b).
Kind: global typedef
Properties
Name | Type |
---|---|
g | bigint |
x | bigint |
y | bigint |