Release 0.21.2

package.json

@@ -1,6 +1,6 @@
 {
     "name": "@cloudflare/voprf-ts",
-    "version": "0.21.1",
+    "version": "0.21.2",
     "description": "voprf-ts: A TypeScript Library for Oblivious Pseudorandom Functions (OPRF)",
     "author": "Armando Faz <armfazh@cloudflare.com>",
     "maintainers": [
@@ -39,23 +39,23 @@
     "homepage": "https://github.com/cloudflare/voprf-ts#readme",
     "repository": "github:cloudflare/voprf-ts",
     "engines": {
-        "node": ">=16"
+        "node": ">=18"
     },
     "devDependencies": {
         "@noble/curves": "1.2.0",
         "@noble/hashes": "1.3.2",
-        "@types/benchmark": "2.1.2",
-        "@types/jest": "29.5.4",
-        "@typescript-eslint/eslint-plugin": "6.5.0",
-        "@typescript-eslint/parser": "6.5.0",
+        "@types/benchmark": "2.1.3",
+        "@types/jest": "29.5.5",
+        "@typescript-eslint/eslint-plugin": "6.7.3",
+        "@typescript-eslint/parser": "6.7.3",
         "benchmark": "2.1.4",
-        "eslint": "8.48.0",
+        "eslint": "8.50.0",
         "eslint-config-prettier": "9.0.0",
-        "eslint-plugin-jest": "27.2.3",
+        "eslint-plugin-jest": "27.4.0",
         "eslint-plugin-jest-formatting": "3.1.0",
         "eslint-plugin-prettier": "5.0.0",
         "eslint-plugin-security": "1.7.1",
-        "jest": "29.6.4",
+        "jest": "29.7.0",
         "prettier": "3.0.3",
         "sjcl": "1.0.8",
         "typescript": "5.2.2"

src/client.ts

@@ -3,8 +3,15 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { Elt, Scalar } from './groupTypes.js'
-import { Evaluation, EvaluationRequest, FinalizeData, ModeID, Oprf, SuiteID } from './oprf.js'
+import type { Elt, Scalar } from './groupTypes.js'
+import {
+    Evaluation,
+    EvaluationRequest,
+    FinalizeData,
+    type ModeID,
+    Oprf,
+    type SuiteID
+} from './oprf.js'
 
 import { zip } from './util.js'
 

src/cryptoNoble.ts

@@ -4,7 +4,7 @@
 // at https://opensource.org/licenses/BSD-3-Clause
 
 import { GroupNb } from './noble/group.js'
-import { CryptoProvider, HashID } from './cryptoTypes.js'
+import type { CryptoProvider, HashID } from './cryptoTypes.js'
 import { hashSync } from './noble/hashes.js'
 
 export const CryptoNoble: CryptoProvider = {

src/cryptoSjcl.ts

@@ -3,7 +3,7 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { CryptoProvider, HashID } from './cryptoTypes.js'
+import type { CryptoProvider, HashID } from './cryptoTypes.js'
 import { GroupConsSjcl } from './groupSjcl.js'
 
 export const CryptoSjcl: CryptoProvider = {

src/cryptoTypes.ts

@@ -3,7 +3,7 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { GroupCons } from './groupTypes.js'
+import type { GroupCons } from './groupTypes.js'
 
 export type HashID = 'SHA-512' | 'SHA-256' | 'SHA-384' | 'SHAKE256'
 

src/dleq.ts

@@ -4,16 +4,16 @@
 // at https://opensource.org/licenses/BSD-3-Clause
 //
 // Implementation of batched discrete log equivalents proofs (DLEQ) as
-// described in https://www.ietf.org/id/draft-irtf-cfrg-voprf-09.html#name-discrete-log-equivalence-pr.
-import { Elt, Group, Scalar } from './groupTypes.js'
+// described in https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-21#name-discrete-logarithm-equivale
+import type { HashID } from './cryptoTypes.js'
+import type { Elt, Group, Scalar } from './groupTypes.js'
 import { checkSize, joinAll, to16bits, toU16LenPrefix } from './util.js'
-import { Oprf } from './oprf.js'
-import { HashID } from './cryptoTypes.js'
 
 export interface DLEQParams {
     readonly gg: Group
-    readonly hash: HashID
     readonly dst: string
+    readonly hashID: HashID
+    hash(hashID: HashID, input: Uint8Array): Promise<Uint8Array>
 }
 
 const LABELS = {
@@ -24,7 +24,7 @@ const LABELS = {
 } as const
 
 // computeComposites implements ComputeComposites and ComputeCompositiesFast
-// functions from https://www.ietf.org/id/draft-irtf-cfrg-voprf-09.html#name-discrete-log-equivalence-pr.
+// functions from https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-21#name-discrete-logarithm-equivale
 async function computeComposites(
     params: DLEQParams,
     b: Elt,
@@ -35,7 +35,7 @@ async function computeComposites(
     const Bm = b.serialize()
     const seedDST = te.encode(LABELS.Seed + params.dst)
     const h1Input = joinAll([...toU16LenPrefix(Bm), ...toU16LenPrefix(seedDST)])
-    const seed = await Oprf.Crypto.hash(params.hash, h1Input)
+    const seed = await params.hash(params.hashID, h1Input)
 
     const compositeLabel = te.encode(LABELS.Composite)
     const h2sDST = te.encode(LABELS.HashToScalar + params.dst)
@@ -70,7 +70,7 @@ async function computeComposites(
 
 // challenge implements the shared subprocedure for generating a challenge
 // used by the GenerateProof and VerifyProof functions
-// from https://www.ietf.org/id/draft-irtf-cfrg-voprf-09.html#name-discrete-log-equivalence-pr
+// from https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-21#name-discrete-logarithm-equivale
 // to generate a challenge from the input elements. The point arguments
 // correspond to [B, M, Z, t2, t3] from the specification.
 function challenge(params: DLEQParams, points: [Elt, Elt, Elt, Elt, Elt]): Promise<Scalar> {
@@ -97,7 +97,7 @@ export class DLEQProof {
     }
 
     // verify_batch implements the VerifyProof function
-    // from https://www.ietf.org/id/draft-irtf-cfrg-voprf-09.html#name-discrete-log-equivalence-pr.
+    // from https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-21#name-discrete-logarithm-equivale
     // The argument p0 corresponds to the elements A, B, and the argument p1s
     // corresponds to the arrays of elements C and D from the specification.
     async verify_batch(p0: [Elt, Elt], p1s: Array<[Elt, Elt]>): Promise<boolean> {
@@ -144,7 +144,7 @@ export class DLEQProver {
     }
 
     // prove_batch implements the GenerateProof function
-    // from https://www.ietf.org/id/draft-irtf-cfrg-voprf-09.html#name-discrete-log-equivalence-pr.
+    // from https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-21#name-discrete-logarithm-equivale
     // The argument p0 corresponds to the elements A, B, and the argument p1s
     // corresponds to the arrays of elements C and D from the specification.
     async prove_batch(

src/groupSjcl.ts

@@ -7,14 +7,14 @@ import { checkSize, compat, errDeserialization, joinAll, xor } from './util.js'
 
 import sjcl from './sjcl/index.js'
 import {
-    Deserializer,
-    Elt,
-    errBadGroup,
-    Group,
-    GroupCons,
-    GroupID,
+    type Deserializer,
+    type Elt,
+    type Group,
+    type GroupCons,
+    type GroupID,
+    type Scalar,
     Groups,
-    Scalar
+    errBadGroup
 } from './groupTypes.js'
 
 function hashParams(hash: string): {
@@ -178,7 +178,8 @@ interface InnerScalar {
 }
 
 interface SSWUParams {
-    // See Section F.2.1.2 at https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-14#appendix-F.2.1.2
+    // See Appendix F.2.1.2 of RFC-9380
+    // https://datatracker.ietf.org/doc/html/rfc9380#appendix-F.2.1.2
     Z: sjcl.bn
     c1: sjcl.bn // 1. c1 = (p-3)/4
     c2: sjcl.bn // 2. c2 = sqrt(-Z) in GF(p).
@@ -395,8 +396,8 @@ class EltSj implements Elt {
 
     private static sswu(g: GroupSj, u: sjcl.bn): EltSj {
         // Simplified SWU method.
-        // Appendix F.2 of draft-irtf-cfrg-hash-to-curve-14
-        // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-14#appendix-F.2
+        // Appendix F.2 of RFC-9380
+        // https://datatracker.ietf.org/doc/html/rfc9380#appendix-F.2
         const curve = getCurve(g.id)
         const { a: A, b: B } = curve
         const { Z, c1, c2 } = getSSWUParams(g.id)

src/keys.ts

@@ -3,9 +3,9 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { ModeID, Oprf, SuiteID } from './oprf.js'
+import { type ModeID, type SuiteID, Oprf } from './oprf.js'
 import { joinAll, toU16LenPrefix } from './util.js'
-import { Scalar } from './groupTypes.js'
+import { type Scalar } from './groupTypes.js'
 
 export function getKeySizes(id: SuiteID): { Nsk: number; Npk: number } {
     const gg = Oprf.getGroup(id)

src/noble/edwards.ts

@@ -4,10 +4,10 @@
 // at https://opensource.org/licenses/BSD-3-Clause
 
 import { Field } from '@noble/curves/abstract/modular'
-import { CHash } from '@noble/hashes/utils'
-import { CurveFn } from '@noble/curves/abstract/edwards'
-import { ElementSpec, GroupParams, ScalarHash } from './types.js'
-import { HashID } from '../cryptoTypes.js'
+import type { CHash } from '@noble/hashes/utils'
+import type { CurveFn } from '@noble/curves/abstract/edwards'
+import type { ElementSpec, GroupParams, ScalarHash } from './types.js'
+import type { HashID } from '../cryptoTypes.js'
 
 export interface MakeEdParamsParams {
     curve: CurveFn

src/noble/element.ts

@@ -3,10 +3,10 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { ProjPointType } from '@noble/curves/abstract/weierstrass'
-import { Elt } from '../groupTypes.js'
+import type { ProjPointType } from '@noble/curves/abstract/weierstrass'
+import type { Elt } from '../groupTypes.js'
 import { ScalarNb } from './scalar.js'
-import { Point, PointConstructor } from './types.js'
+import type { Point, PointConstructor } from './types.js'
 import type { GroupNb } from './group.js'
 import { compat, errDeserialization } from '../util.js'
 

src/noble/group.ts

@@ -5,8 +5,8 @@
 
 import { bytesToNumberBE, bytesToNumberLE } from '@noble/curves/abstract/utils'
 
-import { Deserializer, Group, GroupID, Groups } from '../groupTypes.js'
-import { GroupParams } from './types.js'
+import { type Deserializer,type  Group,type  GroupID, Groups } from '../groupTypes.js'
+import type { GroupParams } from './types.js'
 import { ScalarNb } from './scalar.js'
 import { EltNb } from './element.js'
 import { getParams } from './params.js'

src/noble/hashes.ts

@@ -5,9 +5,9 @@
 
 import { sha256 } from '@noble/hashes/sha256'
 import { sha384, sha512 } from '@noble/hashes/sha512'
-import { CHash, Hash, wrapConstructor } from '@noble/hashes/utils'
+import { type CHash, Hash, wrapConstructor } from '@noble/hashes/utils'
 import { Keccak, shake256 } from '@noble/hashes/sha3'
-import { HashID } from '../cryptoTypes.js'
+import type { HashID } from '../cryptoTypes.js'
 
 export const shake256_512 = wrapConstructor<Hash<Keccak>>(() => shake256.create({ dkLen: 64 }))
 

src/noble/params.ts

@@ -11,8 +11,8 @@ import { hashToRistretto255 } from '@noble/curves/ed25519'
 import * as ed448 from '@noble/curves/ed448'
 import { hashToDecaf448 } from '@noble/curves/ed448'
 
-import { errBadGroup, GroupID, Groups } from '../groupTypes.js'
-import { GroupParams } from './types.js'
+import { errBadGroup, type GroupID, Groups } from '../groupTypes.js'
+import type { GroupParams } from './types.js'
 import { makeShortParams } from './short.js'
 import { makeEdParams } from './edwards.js'
 import { shake256_512 } from './hashes.js'

src/noble/scalar.ts

@@ -9,10 +9,10 @@ import {
     hash_to_field
 } from '@noble/curves/abstract/hash-to-curve'
 
-import { Scalar } from '../groupTypes.js'
+import type { Scalar } from '../groupTypes.js'
 import { checkSize, compat, errDeserialization } from '../util.js'
 
-import { PrimeField } from './types.js'
+import type { PrimeField } from './types.js'
 
 import type { GroupNb } from './group.js'
 

src/noble/short.ts

@@ -3,10 +3,10 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { CurveFn } from '@noble/curves/abstract/weierstrass'
 import { Field } from '@noble/curves/abstract/modular'
-import { GroupParams, HashToPointFunc, PointConstructor } from './types.js'
-import { HashID } from '../cryptoTypes.js'
+import type { CurveFn } from '@noble/curves/abstract/weierstrass'
+import type { GroupParams, HashToPointFunc, PointConstructor } from './types.js'
+import type { HashID } from '../cryptoTypes.js'
 
 export interface MakeShortParamsArgs {
     curve: CurveFn

src/noble/types.ts

@@ -4,13 +4,13 @@
 // at https://opensource.org/licenses/BSD-3-Clause
 
 import { Field } from '@noble/curves/abstract/modular'
-import { CHash } from '@noble/hashes/utils'
+import type { CHash } from '@noble/hashes/utils'
 import * as p256 from '@noble/curves/p256'
 import * as ed25519 from '@noble/curves/ed25519'
 import * as ed448 from '@noble/curves/ed448'
-import { Hex } from '@noble/curves/abstract/utils'
+import type { Hex } from '@noble/curves/abstract/utils'
 
-import { HashID } from '../cryptoTypes.js'
+import type { HashID } from '../cryptoTypes.js'
 
 export type PrimeField = ReturnType<typeof Field>
 

src/oprf.ts

@@ -3,8 +3,15 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { DLEQParams, DLEQProof } from './dleq.js'
-import { Elt, Group, GroupCons, GroupID, Groups, Scalar } from './groupTypes.js'
+import { type DLEQParams, DLEQProof } from './dleq.js'
+import {
+    Groups,
+    type Elt,
+    type Group,
+    type GroupCons,
+    type GroupID,
+    type Scalar
+} from './groupTypes.js'
 
 import {
     fromU16LenPrefixDes,
@@ -14,7 +21,7 @@ import {
     toU16LenPrefixClass,
     toU16LenPrefixUint8Array
 } from './util.js'
-import { CryptoProvider, HashID } from './cryptoTypes.js'
+import type { CryptoProvider, HashID } from './cryptoTypes.js'
 import { CryptoSjcl } from './cryptoSjcl.js'
 
 export type ModeID = (typeof Oprf.Mode)[keyof typeof Oprf.Mode]
@@ -112,13 +119,13 @@ export abstract class Oprf {
     readonly mode: ModeID
     readonly ID: SuiteID
     readonly gg: Group
-    readonly hash: HashID
+    readonly hashID: HashID
 
     constructor(mode: ModeID, suite: SuiteID) {
         const [ID, gid, hash] = getOprfParams(suite)
         this.ID = ID
         this.gg = Oprf.Group.fromID(gid)
-        this.hash = hash
+        this.hashID = hash
         this.mode = Oprf.validateMode(mode)
     }
 
@@ -142,7 +149,7 @@ export abstract class Oprf {
             ...toU16LenPrefix(issuedElement),
             new TextEncoder().encode(Oprf.LABELS.FinalizeDST)
         ])
-        return await Oprf.Crypto.hash(this.hash, hashInput)
+        return await Oprf.Crypto.hash(this.hashID, hashInput)
     }
 
     protected scalarFromInfo(info: Uint8Array): Promise<Scalar> {

src/server.ts

@@ -3,9 +3,9 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { DLEQParams, DLEQProver } from './dleq.js'
-import { Elt, Scalar } from './groupTypes.js'
-import { Evaluation, EvaluationRequest, ModeID, Oprf, SuiteID } from './oprf.js'
+import { type DLEQParams, DLEQProver } from './dleq.js'
+import type { Elt, Scalar } from './groupTypes.js'
+import { Evaluation, EvaluationRequest, type ModeID, Oprf, type SuiteID } from './oprf.js'
 import { ctEqual, zip } from './util.js'
 
 class baseServer extends Oprf {
@@ -72,7 +72,7 @@ class baseServer extends Oprf {
     }
 
     constructDLEQParams(): DLEQParams {
-        return { gg: this.gg, hash: this.hash, dst: '' }
+        return { gg: this.gg, hashID: this.hashID, hash: Oprf.Crypto.hash, dst: '' }
     }
 }
 

src/util.ts

@@ -3,7 +3,7 @@
 // Licensed under the BSD-3-Clause license found in the LICENSE file or
 // at https://opensource.org/licenses/BSD-3-Clause
 
-import { Deserializer, Group, GroupID } from './groupTypes.js'
+import type { Deserializer, Group, GroupID } from './groupTypes.js'
 
 export function joinAll(a: Uint8Array[]): Uint8Array {
     let size = 0