preparing release 1.0.6 (#54)

Author: aldenml

.codacy.yml

@@ -2,13 +2,13 @@ engines:
   duplication:
     enabled: true
     exclude_paths:
+      - 'test/**'
       - '**/test/**'
 exclude_paths:
   - '**.md'
   - '**/examples/**'
   - '**/libecc.js'
   - '**/libecc-post.js'
-  - '**/libopaque.js'
-  - '**/libopaque-post.js'
-  - '**/liboprf.js'
-  - '**/liboprf-post.js'
+  - '**/js/dist/*.d.ts'
+  - '**/libecc.c'
+  - '**/libecc.java'

CMakeLists.txt

@@ -16,7 +16,7 @@ else()
     set(BUILD_SHARED_LIBS ON)
 endif()
 
-project(ecc VERSION 1.0.5)
+project(ecc VERSION 1.0.6)
 project(ecc LANGUAGES C)
 
 list(APPEND CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake/Modules)

README.md

@@ -13,6 +13,40 @@ and [blst](https://github.com/supranational/blst).
 | Java               | [jvm](jvm) | [![maven](https://img.shields.io/maven-central/v/org.ssohub/ecc.svg?label=maven)](https://search.maven.org/search?q=g:%22org.ssohub%22%20AND%20a:%22ecc%22) |
 | Javascript         | [js/ecc](js/ecc) | [![npm](https://img.shields.io/npm/v/@aldenml/ecc)](https://www.npmjs.com/package/@aldenml/ecc) |
 
+### OPRF Oblivious pseudo-random functions using ristretto255
+
+This is an implementation of [draft-irtf-cfrg-voprf-08](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-08)
+ciphersuite **OPRF(ristretto255, SHA-512)** using `libsodium`.
+
+There are two variants in this protocol: a *base* mode and *verifiable* mode. In the
+base mode, a client and server interact to compute `output = F(skS, input, info)`,
+where `input` is the client's private input, `skS` is the server's private key, `info`
+is the public input, and `output` is the computation output. The client learns `output`
+and the server learns nothing. In the verifiable mode, the client also receives proof
+that the server used `skS` in computing the function.
+
+The flow is shown below (from the irtf draft):
+```
+  Client(input, info)                               Server(skS, info)
+  ----------------------------------------------------------------------
+  blind, blindedElement = Blind(input)
+
+                             blindedElement
+                               ---------->
+
+                 evaluatedElement = Evaluate(skS, blindedElement, info)
+
+                             evaluatedElement
+                               <----------
+
+  output = Finalize(input, blind, evaluatedElement, blindedElement, info)
+```
+
+In the verifiable mode of the protocol, the server additionally
+computes a proof in Evaluate. The client verifies this proof using
+the server's expected public key before completing the protocol and
+producing the protocol output.
+
 ### BLS12-381 Pairing
 
 In the context of pairing friendly elliptic curves, a pairing is a map `e: G1xG2 -> GT` such

bindings/js/README.md

@@ -7,6 +7,40 @@ This is the javascript version of the [ecc](https://github.com/aldenml/ecc) libr
 It is a WebAssembly compilation with a thin layer on
 top to expose the cryptographic primitives.
 
+### OPRF Oblivious pseudo-random functions using ristretto255
+
+This is an implementation of [draft-irtf-cfrg-voprf-08](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-08)
+ciphersuite **OPRF(ristretto255, SHA-512)** using `libsodium`.
+
+There are two variants in this protocol: a *base* mode and *verifiable* mode. In the
+base mode, a client and server interact to compute `output = F(skS, input, info)`,
+where `input` is the client's private input, `skS` is the server's private key, `info`
+is the public input, and `output` is the computation output. The client learns `output`
+and the server learns nothing. In the verifiable mode, the client also receives proof
+that the server used `skS` in computing the function.
+
+The flow is shown below (from the irtf draft):
+```
+  Client(input, info)                               Server(skS, info)
+  ----------------------------------------------------------------------
+  blind, blindedElement = Blind(input)
+
+                             blindedElement
+                               ---------->
+
+                 evaluatedElement = Evaluate(skS, blindedElement, info)
+
+                             evaluatedElement
+                               <----------
+
+  output = Finalize(input, blind, evaluatedElement, blindedElement, info)
+```
+
+In the verifiable mode of the protocol, the server additionally
+computes a proof in Evaluate. The client verifies this proof using
+the server's expected public key before completing the protocol and
+producing the protocol output.
+
 ### BLS12-381 Pairing
 
 In the context of pairing friendly elliptic curves, a pairing is a map `e: G1xG2 -> GT` such

bindings/js/dist/ecc.dev.js

@@ -2,26 +2,27 @@
  * Evaluates serialized representations of blinded group elements from the
  * client as inputs.
  *
- * See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-07#section-3.3.1.1
+ * See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-08#section-3.3.1.1
  *
  * @param {Uint8Array} skS private key
  * @param {Uint8Array} blindedElement blinded element
+ * @param {Uint8Array} info
  * @return {Promise<Uint8Array>} evaluated element
  */
-export function oprf_ristretto255_sha512_Evaluate(skS: Uint8Array, blindedElement: Uint8Array): Promise<Uint8Array>;
+export function oprf_ristretto255_sha512_Evaluate(skS: Uint8Array, blindedElement: Uint8Array, info: Uint8Array): Promise<Uint8Array>;
 /**
  * Same as calling `oprf_ristretto255_sha512_Blind` with an
  * specified scalar blind.
  *
- * See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-07#section-3.3.3.1
+ * See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-08#section-3.3.3.1
  *
  * @param {Uint8Array} input message to blind
  * @param {Uint8Array} blind scalar to use in the blind operation
  * @return {Uint8Array} blinded element
  */
 export function oprf_ristretto255_sha512_BlindWithScalar(input: Uint8Array, blind: Uint8Array): Uint8Array;
 /**
- * See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-07#section-3.3.3.1
+ * See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-08#section-3.3.3.1
  *
  * @param {Uint8Array} input message to blind
  * @return object {blind, blindedElement}
@@ -31,10 +32,11 @@ export function oprf_ristretto255_sha512_Blind(input: Uint8Array): Promise<{
     blindedElement: Uint8Array;
 }>;
 /**
- * See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-07#section-3.3.3.2
+ * See https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-08#section-3.3.3.2
  *
  * @param input the input message
  * @param blind
  * @param evaluatedElement
+ * @param {Uint8Array} info
  */
-export function oprf_ristretto255_sha512_Finalize(input: any, blind: any, evaluatedElement: any): Promise<Uint8Array>;
+export function oprf_ristretto255_sha512_Finalize(input: any, blind: any, evaluatedElement: any, info: Uint8Array): Promise<Uint8Array>;

bindings/js/dist/ecc.min.js

@@ -1,6 +1,6 @@
 {
   "name": "@aldenml/ecc",
-  "version": "1.0.5",
+  "version": "1.0.6",
   "description": "elliptic curves crypto functions",
   "main": "index.js",
   "types": "./dist/index.d.ts",

bindings/js/dist/oprf.d.ts

@@ -12,7 +12,7 @@ plugins {
 }
 
 group = "org.ssohub"
-version = "1.0.5"
+version = "1.0.6"
 
 java {
     sourceCompatibility = JavaVersion.VERSION_1_8