Update bls spec, disallow 0 private keys.

RomarQ · Oct 1, 2020 · 6343d86 · 6343d86
1 parent 3df64ea
commit 6343d86
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -9,8 +9,8 @@ bls12-381, a pairing-friendly Barreto-Lynn-Scott elliptic curve construction. Al
 
 **The fastest implementation written in a scripting language**. Matches following specs:
 
-- [Pairing-friendly curves 02](https://tools.ietf.org/html/draft-irtf-cfrg-pairing-friendly-curves-02)
-- [BLS signatures 02](https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-02)
+- [Pairing-friendly curves 08](https://tools.ietf.org/html/draft-irtf-cfrg-pairing-friendly-curves-08)
+- [BLS signatures 04](https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-04)
 - [Hash to curve 09](https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-09)
 
 Check out [BLS12-381 For The Rest Of Us](https://hackmd.io/@benjaminion/bls12-381) to get started with the primitives.

diff --git a/index.js b/index.js
@@ -165,7 +165,10 @@ async function hash_to_field(msg, degree, isRandomOracle = true) {
 }
 exports.hash_to_field = hash_to_field;
 function normalizePrivKey(privateKey) {
-    return new math_1.Fq(toBigInt(privateKey));
+    const fq = new math_1.Fq(toBigInt(privateKey));
+    if (fq.isZero())
+        throw new Error('Private key cannot be 0');
+    return fq;
 }
 let PointG1 = (() => {
     class PointG1 extends math_1.ProjectivePoint {

diff --git a/index.ts b/index.ts
@@ -198,7 +198,9 @@ export async function hash_to_field(
 }
 
 function normalizePrivKey(privateKey: PrivateKey): Fq {
-  return new Fq(toBigInt(privateKey));
+  const fq = new Fq(toBigInt(privateKey));
+  if (fq.isZero()) throw new Error('Private key cannot be 0');
+  return fq;
 }
 
 export class PointG1 extends ProjectivePoint<Fq> {

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "noble-bls12-381",
-  "version": "0.4.3",
+  "version": "0.5.0",
   "description": "Noble BLS12-381 pairing-friendly curve. Fastest, high-security, easily auditable, 0-dep aggregated signatures & pubkey",
   "main": "index.js",
   "files": [

diff --git a/test/index.test.ts b/test/index.test.ts
@@ -31,6 +31,9 @@ describe("bls12-381", () => {
     const decomp = bls.PointG1.fromCompressedHex(publicKey);
     expect(publicKey).toEqual(decomp.toCompressedHex());
   });
+  it("should not compress and decompress zero G1 point", async () => {
+    expect(() => bls.PointG1.fromPrivateKey(0n)).toThrowError();
+  });
   it(`should produce correct signatures (${G2_VECTORS.length} vectors)`, async () => {
     for (let i = 0; i < G2_VECTORS.length; i++) {
       const [priv, msg, expected] = G2_VECTORS[i];