elliptic | Fast Elliptic Curve Cryptography in plain javascript | Cryptography library

 by   indutny JavaScript Version: 6.5.4 License: No License

kandi X-RAY | elliptic Summary

kandi X-RAY | elliptic Summary

elliptic is a JavaScript library typically used in Security, Cryptography applications. elliptic has medium support. However elliptic has 1 bugs and it has 1 vulnerabilities. You can install using 'npm i @tripod/elliptic' or download it from GitHub, npm.

Fast elliptic-curve cryptography in a plain javascript implementation.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              elliptic has a medium active ecosystem.
              It has 1545 star(s) with 375 fork(s). There are 52 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 101 open issues and 100 have been closed. On average issues are closed in 158 days. There are 33 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of elliptic is 6.5.4

            kandi-Quality Quality

              elliptic has 1 bugs (0 blocker, 0 critical, 1 major, 0 minor) and 0 code smells.

            kandi-Security Security

              elliptic has 1 vulnerability issues reported (0 critical, 0 high, 1 medium, 0 low).
              elliptic code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              elliptic does not have a standard license declared.
              Check the repository for any license declaration and review the terms closely.
              OutlinedDot
              Without a license, all rights are reserved, and you cannot use the library in your applications.

            kandi-Reuse Reuse

              elliptic releases are not available. You will need to build from source code and install.
              Deployable package is available in npm.
              Installation instructions are not available. Examples and code snippets are available.
              elliptic saves you 13 person hours of effort in developing the same functionality from scratch.
              It has 38 lines of code, 0 functions and 26 files.
              It has low code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed elliptic and discovered the below as its top functions. This is intended to give you an instant insight into elliptic implemented functionality, and help decide if they suit your requirements.
            • The inverse of two numbers .
            • Adds two rational numbers .
            • Updates the block .
            • Calculates the end - point of the equation 2 .
            • Zero - zeros .
            • We need two Ranks
            • Computes a B Blob projection .
            • Import a decoder .
            • Trim a Bezier Curve
            • Determine the projection of this curve .
            Get all kandi verified functions for this library.

            elliptic Key Features

            No Key Features are available at this moment for elliptic.

            elliptic Examples and Code Snippets

            No Code Snippets are available at this moment for elliptic.

            Community Discussions

            QUESTION

            Web cryptography implement HKDF for the output of ECDH
            Asked 2021-Jun-13 at 11:02

            I want implement a elliptic curve diffie hellman using HKDF as key derivation function. I am using a python backend and (vanilla) javascript in frontend. I am using python cryptography library in backend and Web Crypto api in frontend as cryptographic library. I created ECDH key pair in both side and exchanged the pbulic keys. Now I am trying to create the AES shared key with the exchanged public key and private key along with HKDF algorithm. I am able to do it in the python backend (I followed this example for the python code):

            ...

            ANSWER

            Answered 2021-Jun-13 at 11:02

            The referenced Python code uses P-384 (aka secp384r1) as elliptic curve. This is compatible with the WebCrypto API, which supports three curves P-256 (aka secp256r1), P-384 and P-521 (aka secp521r1), see EcKeyImportParams.

            The following WebCrypto code generates a shared secret using ECDH and derives an AES key from the shared secret using HKDF. In detail the following happens:

            • To allow comparison of the derived key with that of the referenced Python code, predefined EC keys are applied. The private key is imported as PKCS#8, the public key as X.509/SPKI. Note that due to a Firefox bug concerning the import of EC keys, the script below cannot be run in the Firefox browser.
            • After the import the shared secret is created with ECDH using deriveBits() (and not deriveKey()).
            • The shared secret is imported with importKey() and then the AES key is derived using HKDF, again with deriveBits().

            Source https://stackoverflow.com/questions/67938461

            QUESTION

            WebGL: INVALID_OPERATION: useProgram: program not valid
            Asked 2021-Jun-10 at 15:47

            I'm learning WebGl and trying to convert a web mining script to do elliptical curve addition. I started by replacing the working GL code with the code from vanitygen-plus, even though it does more than I need/want. I also began replacing the variables passed to the expected ones and removed a bunch of unneeded JavaScript. I now get the error "glminer.js:54 WebGL: INVALID_OPERATION: useProgram: program not valid" currently testing in chrome 91 on windows 10. unfortunately this doesn't help me much as it doesn't tell me what is invalid.

            ...

            ANSWER

            Answered 2021-Jun-10 at 15:47

            To get more info on why your program is failing you can output the program info log. Add the following debugging code between linking and using the program:

            Source https://stackoverflow.com/questions/67900673

            QUESTION

            Create and sign JWT in Scala for Apple AppStore Connect
            Asked 2021-May-28 at 12:30

            i want to create a JWT in a scala application for talking to the Apple's AppStore Connect api. i'm following the guide here

            i'm getting an invalid signature on jwt.io when creating a JWT with the below code. a request to appstore connect results in a 401

            i can verify that the JWT encodes the header and payload correctly on http://jwt.io

            looking at this library, i think i'm selecting the correct curve algorithm:

            After creating the token, one must sign it with an Apple-provided private key, using the Elliptic Curve Digital Signature Algorithm (ECDSA) with the P-256 curve and the SHA-256 hash algorithm, or ES256.

            i'm not sure what is wrong - maybe i'm not generating the S value correctly?

            ...

            ANSWER

            Answered 2021-May-28 at 12:23

            I can suggest two things to try out:

            1. JwtBuilder signWith(SignatureAlgorithm var1, Key var2) is deprecated. Can you try using JwtBuilder signWith(Key var1, SignatureAlgorithm var2) , and see if that succeeds?
            2. If not, you can try using bountycastle , which does work for me. Following is the code snippet for getting the private key.

            Source https://stackoverflow.com/questions/67738084

            QUESTION

            Import elliptic curve private key from PEM in Firefox
            Asked 2021-May-28 at 09:38

            I am trying to import an elliptic curve private key from PEM encoding. The following code works fine on Chrome but does not work with Firefox. It says:

            ...

            ANSWER

            Answered 2021-May-28 at 09:16

            I am answering my own question for case someone find it useful. As suggested by Michael a possible workaround is to use "jsrsasign" library and KEYUTIL functions. After having installed jsrsasign, the following code imports ECDSA private key on both Chrome and Firefox.

            Source https://stackoverflow.com/questions/67647812

            QUESTION

            Shared ECDH Secret, Browser + NodeJS
            Asked 2021-May-21 at 16:27

            I'm trying to use Elliptical Curve Diffie-Hellman keys to create a shared secret between a Browser and NodeJS. If I export the browser public key as raw, everything works, but I'm required to export the key as spki and then NodeJS gets mad about it.

            In the Browser I do this:

            ...

            ANSWER

            Answered 2021-May-21 at 15:33

            As far as I know, the NodeJS crypto module does not support the X.509/SPKI format for the public key in ECDH context, but only the raw key. However, it is possible to derive the raw key from the X.509/SPKI key.

            The X.509/SPKI key generated with the WebCrypto code encapsulates the raw (more precisely uncompressed) key, 0x04 + + , which is localized at the end. For P-256 aka prime256v1 the last 65 bytes correspond to the raw key. The front part is identical for different P-256 keys.

            This way, in the NodeJS code, the raw key for P-256 can be determined as the last 65 bytes from the X.509/SPKI key.
            Similarly, the front part of the X.509/SPKI key can be concatenated with the raw key generated with the NodeJS code, thus converting the raw key to the X.509/SPKI format.

            The NodeJS code for this is:

            Source https://stackoverflow.com/questions/67621606

            QUESTION

            Deleting items off a list as I go in R loop
            Asked 2021-May-18 at 20:35

            Apologies in advance for my inefficient code, still learning! I'm trying to create a loop that (1) takes items from a list of semantic characters, copying the ones that are relevant into a new matrix, and (2) deleting the items I copy as I go. I achieved part 1, but cannot get part 2 to work. It only works for the first two rows and then I get a "Error in a[[n]] : subscript out of bounds".

            Here is the code that achieves part 1:

            ...

            ANSWER

            Answered 2021-May-18 at 20:35

            I am not 100% sure that I understand what you are trying to do, however, the reason that you are getting an out-of-bounds error is that

            1. You establish the value x here:

            Source https://stackoverflow.com/questions/67593088

            QUESTION

            Why does ECDiffieHellmanP256 work with ECDsaCng.SignData()?
            Asked 2021-May-16 at 21:50

            In .NET there are two P256 curve algorithms that can be used with CngKey:

            What confuses me is it appears to be possible to create a signature using CngAlgorithm.ECDiffieHellmanP256.

            Sample code:

            ...

            ANSWER

            Answered 2021-May-16 at 21:50

            ECDiffieHellmanCng(CngKey.Create(CngAlgorithm.ECDsaP256))
            This implies there is some kind of difference between the key types.

            When you try to initialize an ECDiffieHellmanCng using a CngKey during runtime is verifies that the CngKey that you provided is part of a particular list of algorithms, MSDN calls them the Elliptic Curve Diffie-Hellman (ECDH) algorithm group, which has four valid AlgorithmGroup names ECDH,ECDiffieHellman,ECDiffieHellmanCng, and System.Security.Cryptography.ECDiffieHellmanCng, which all refer to the same implementation.

            When you create a CngKey with CngAlgorithm.ECDiffieHellmanP256 you get a valid ECDH key who's AlgorithmGroup is ECDH, which is valid as a parameter to create a ECDiffieHellmanCng to perform key exchanges.

            However, when you create a CngKey with CngAlgorithm.ECDsaP256 you get a key with an AlgorithmGroup of ECDSA which is not a valid AlgorithmGroup to create a ECDiffieHellmanCng to perform key exchanges.

            The ECDSA AlgorithmGroup is used to denote a CngKey who's purpose to to perform Elliptic-curve Digital Signatures, and explicitly not perform key exchanges. This key can't be used with a ECDiffieHellmanCng to perform key exchanges because it most probably does not contain enough, valid and/or secure information to perform key exchanges with another party.

            You're able to construct valid EC signatures using ECDsaCng with both ECDH and ECDSA CngKeys because they both contain enough, valid, or secure information to construct and perform a digital signatures. However, the reverse is not the same due to the limitations MSDN created when performing key exchanges, with their implementation of ECDiffieHellmanCng, in addition to the probable missing information/format the ECDSA CngKey key prevents the proper calculation of a key exchange.

            We can verify this information with a short test script

            Source https://stackoverflow.com/questions/67561180

            QUESTION

            Point Doubling (P -> 2P) The Base Point of the Secp256k1 Elliptic Curve
            Asked 2021-May-16 at 00:55

            as a learning exercise, I am trying to code the first point doubling (Base point P -> 2P) for the Secp256k1 Elliptic Curve. I am using Javascript, and the ethers package for BigNumber. Frustratingly, I am running into a problem where the result I am getting for 2P doesn't appear to lie on the curve. Can someone please help me determine where I am making a mistake?

            The coordinates I'm getting as a result are:

            ...

            ANSWER

            Answered 2021-May-16 at 00:55

            As kelalaka pointed out in a comment on the original post, I was confusing the the order of the group and the finite field Fp. I was getting values modulo the Group Order, when I should've been using the values modulo prime p used to define the finite field.

            The new and correct result I get is:

            Source https://stackoverflow.com/questions/67551727

            QUESTION

            Is there a preferred function for generating a private/public key-pair for an elliptic curve?
            Asked 2021-May-11 at 21:32

            Is one of the following two functions preferred over the other? Do they both do the same thing, just with a different implementation?

            Both seem to return the same values, just in a different package.

            I want to create a private/public key-pair for the following curve

            Thanks in advance! :)

            ...

            ANSWER

            Answered 2021-May-11 at 21:32

            In elliptic curve cryptography the private key is simply a large random number in some range, usually 0 - 2^256, the range is defined by curve itself though, usually the order of some cyclic subgroup, or the entire curve order when dealing with prime order curves.

            ECC is used for many things, Elliptic Curve Diffie Hellman, Elliptic Curve Signature (ECDSA) they all require scalar multiplication of a given private key by the curve's generator point to establish the public key.

            These scalar multiplication functions are implemented differently for various security and efficiency reasons.

            In short are three types of multiplication function:

            • Fixed-base
            • Variable-base
            • Double-base

            ECDSA uses fixed-base, ECDH uses variable-base.

            There is intuition here, during ECDH you must multiply your private key by someone else's "variable" public point.

            Anyway, to use Brainpool, you must generate a key suitable for that curves order, and multiply it by the curves generator point. Usually most API's allow specification of the curve.

            By the way, don't use Brainpool, it sucks.

            Source https://stackoverflow.com/questions/67491389

            QUESTION

            How Can i set same position of widgets for different device?
            Asked 2021-May-08 at 12:11

            Hi to Everyone. I am setting position of icon widget. But it is changing on different device. How can i fix it? thanks in advance.

            > -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

            ...

            ANSWER

            Answered 2021-May-08 at 12:11

            For your code example, you can use Expanded for your TextView widget.

            Source https://stackoverflow.com/questions/67447113

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            The package elliptic before 6.5.4 are vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. There is no check to confirm that the public key point passed into the derive function actually exists on the secp256k1 curve. This results in the potential for the private key used in this implementation to be revealed after a number of ECDH operations are performed.
            The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.

            Install elliptic

            You can install using 'npm i @tripod/elliptic' or download it from GitHub, npm.

            Support

            Elliptic.js support following curve types:.
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            Install
            Maven
            Gradle
            CLONE
          • HTTPS

            https://github.com/indutny/elliptic.git

          • CLI

            gh repo clone indutny/elliptic

          • sshUrl

            git@github.com:indutny/elliptic.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Cryptography Libraries

            dogecoin

            by dogecoin

            tink

            by google

            crypto-js

            by brix

            Ciphey

            by Ciphey

            libsodium

            by jedisct1

            Try Top Libraries by indutny

            node-ip

            by indutnyJavaScript

            bn.js

            by indutnyJavaScript

            sticky-session

            by indutnyJavaScript

            webpack-common-shake

            by indutnyJavaScript

            bud

            by indutnyC